The HIPAA Security Risk Analysis requirement of the Stage 1 EHR Meaningful Use Incentive Plan is here to stay! Make sure you are compliant! Redspin's top of the line assessments will set you on the right path.
Audits are coming.
Details of the focus and scope of HIPAA audits have yet to be fully defined. However a few things are clear. Each audit will follow a “typical onsite audit process”
Here is how the EHR Technology certification process works
Third party Business Associates are now accounting for nearly 40% of data breaches of protected health information. This is an alarming uptick.
Several insights into what the OIG review could mean for you and your company. Additionally Redspin shares some recommendations.
As an independent provider of security assessments, we are keenly aware of the 2 primary drivers of an objective security assessment - security or compliance. Roughly, these two views of risk management can be thought of as similar in some ways but differing exponentially in others.
Now this week, we learn the HHS Inspector General has audited HIT Standards, privacy protection under HIPAA, and other security measures at CMS and the ONC. Their conclusion? "OIG found weaknesses in the two HHS agencies entrusted with keeping sensitive patient records private and secure." Such weaknesses included lax oversight and insufficient standards for healthcare providers.
Dan Berger's summary of the OCR/NIST HIPAA Security Conference in Washington D.C. 2011.
Dan Berger's comments on the Federal Health IT Strategic Plan, 2011-2015 in advance of the NIST/OCR HIPAA Security Rule Conference in Washington, D.C.