The Office for Civil Rights (OCR) has decided enough is enough. As a result, it has laid down the gauntlet. Conduct a bona fide security risk analysis, or else! Risk management must come before compliance Newly named OCR Director Jocelyn Samuels … Continue reading
OCR Director Announces Open Season on Risk Analysis: Organizations Can Prepare, or Prepare to Pay Up
The one-year anniversary of the Omnibus Rule deadline is this week, yet providers are still seeking guidance on some of its harder to navigate specifications, such as how to provision an individual’s right to access his/her protected health information. Individuals … Continue reading
When hospital giant Community Health Systems recently experienced a data breach involving 4.5 million patient records, the Franklin, Tenn.-based company identified the culprit as a sophisticated Chinese cyber-espionage team. Yet, as of Aug. 27, 2014, only about 7 percent of … Continue reading
Key Ingredients: What’s the First Step for Cooking Up an Effective Information Risk Management Strategy?
At this point, it’s old news that the HIPAA Security Rule requires you to conduct a risk analysis to thoroughly assess “the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information” under your watch. … Continue reading
The ‘headlines’ and ‘promotions’ I’ve seen over the last couple days suggest that there’s a simple ‘checklist’ of things to do to solve the myriad of complex information privacy, security and compliance issues facing the healthcare industry. It’s almost like … Continue reading
Clearwater Compliance Named Founding Premier Member of Association for Executives in Healthcare Information Security (AEHIS) Foundation
Clearwater Compliance is now a Founding Premier Member of the Association for Executives in Healthcare Information Security (AEHIS) Foundation, the company announced today. The AEHIS Foundation is the first professional organization serving as an education and networking platform to healthcare’s … Continue reading
How much would a data breach cost your organization? The latest stories to hit the headlines show the severe financial impact of a breach. Community Health Systems, Inc., (CHS) is one of the companies to have attracted negative press, after … Continue reading
Most companies in the U.S. likely feel that Health Insurance Portability and Accountability Act (HIPAA) violations are strictly a healthcare industry concern. But any company with a self-funded group health plan (GHP) is now subject to HIPAA regulations, and the … Continue reading
Are your employees breaching your PHI security procedures? We look at a recent example that highlights how quickly a single, unauthorized access can escalate into a costly lawsuit.
Community Health Systems, one of the nation’s largest for-profit hospital chains, recently reported a data breach involving an astounding 4.5 million patient records – and fingered a sophisticated Chinese cyber-espionage team as the culprit. While breaches of this magnitude make … Continue reading