Determining whether or not you are or are not a covered entity is relatively straight forward, but is a hugely important step in becoming HIPAA compliant. So just in case there is anyone out there in the health care industry who is not sure about their standing as a covered entity, HHS produced a handy …
Read More
Under the HIPAA Omnibus rule, heath care providers have to be more careful than ever with how they handle protected information. This includes carefully managing any protected information that business associates might handle. According to the U.S. Department of Health and Human Services, a business associate is: “a person or entity, other than a member …
Read MorePasswords have become the primary mechanism by which many people prove their online identity so as to communicate, bank, shop, and use their electronics. This can be a good thing – easier access to information is usually positive. When it comes to protecting sensitive information however, people need to be increasingly careful with what they …
Read MoreOn April 23, the HCCA 2013 Compliancy Institute released the initial overview of its Audit of HIPAA privacy, security, and breach notification compliancy. Since December of 2012, 115 performance audits of health care providers, plans, and clearinghouses have been conducted. While the number of audits is small, the results have major implications for small providers. …
Read More1. “A definite relationship exists between industry and attack motive, which is most likely a byproduct of the data targeted.” This is a refrain repeated several times throughout the report. Given that a significant amount of the attacks are made from malevolent entities that are strictly attempting to steal data for monetary benefit, the data …
Read MoreIn short: yes, you should trust your business associates, but you must verify that they are claiming. So you should trust them, but you shouldn’t put faith in them. Whether you are a medical provider dealing with a business associates or a business associates engaging a subcontracting business associate, handing over data on the simple …
Read MoreEditors Note: This is a guest post from Aundraya Ruse 2013 Software Advice EMR Market Share Report As HITECH Act funds continue to be dispersed to qualified medical providers, it’s become much easier to track the EMR market size and share. That’s because the Centers for Medicare and Medicaid Services (CMS) now tracks EMR adoption. …
Read MoreAgency in HIPAA Omnibus Rule Whether or not an entity qualifies as a Business Associate or an Agent could potentially be very important for a medical practice. Why? Imagine the following scenario: You set up a relationship with a Business Associate (let’s say, an outsourced Billings provider). The Billings provider has a data breach. If …
Read MoreIf there are any medical providers or business associates out there who are using Google Apps or GMail as a Vendor, I would recommend that the following: Either conduct a Risk Assessment, or contact us to do so. Stop using Gmail and Google Apps immediately. Here’s our reasoning for offering that advise – Google is …
Read MoreOn 1.23.2013, Devin McGraw, Brian Ahier, and David Harlow sat down and chatted about HIPAA. These are big industry leaders, and it was great to hear their thoughts on the matters involved. Here’s the link to the video of the Session. Here are links to their media. Brian Ahier’s blog – http://www.ahier.blogspot.com/ David Harlow – …
Read More