HIPAA Privacy and Security Reminders – Necessary Evil, Operational Baseline or Competitive Advantage? How do you and your colleagues think about compliance with the HIPAA-HITECH privacy, security and breach notification rules? We’re finding that organizations and their leaders are evolving their thinking about the safeguarding their members’, patients’ or customers’ personal information in general and the […]Read More
HIPAA Privacy and Security Reminders – WellPoint OCR Settlement Agreement What Was the Nature of the Information and How Many Individuals Were Affected? The ePHI, including names, dates of birth, addresses, Social Security numbers, telephone numbers and health information, of 612,402 health insurance applicants was impermissibly disclosed after WellPoint failed to adequately implement policies and procedures […]Read More
HIPAA Privacy and Security Reminders – Increased Risk and Consequences of Medical Identity Theft What Happened? The 2013 Survey on Medical Identity Theft, conducted by the Ponemon Institute and sponsored by the Medical Identity Fraud Alliance (MIFA), finds that the risk of medical identity theft is increasing, as is the seriousness of the medical and financial […]Read More
Compliance assessment? Security Evaluation? Risk Assessment? Risk Analysis? Compliance Analysis? Huh? Lots of confusion continues to swirl around the difference between a HIPAA Security Evaluation versus HIPAA Security Risk Analysis. No wonder, the terms are often used interchangeably. Let’s end the confusion… Here’s today’s big tip – Learn the critical difference – Don’t Confuse HIPAA Security Evaluation and Risk Analysis !Read More
In case the HHS / OCR Final Guidance on Risk Analysis published in July 2010 and the May 2012 ONC Guide to Privacy and Security of Health Information were not enough to clarify the importance of and how to actually conduct a bona fide HIPAA Security Risk Analysis, the recently published OCR HIPAA HITECH audit protocols provide further insight into what […]Read More
The “algebra” (some would say “calculus”) of Risk Analysis requires the identification of risks. This identification begins with inventorying information assets of value, then considering threats to these assets and vulnerabilities of these assets after consideration of current controls and environmental factors.Read More
Thousands of professionals trust Clearwater to bring them the latest news and information on Compliance and Cybersecurity Risk Management.