In the popular TV series "8 Simple Rules for Dating My Teenage Daughter," the rules may have been a bit exaggerated, but they sure made their point. (Rule #1: Use your hands on my daughter and you'll lose them after).…
Details of the focus and scope of HIPAA audits have yet to be fully defined. However, a few things are clear. Each audit will follow a “typical onsite audit process”
Several insights into what the OIG review could mean for you and your company. Additionally, Redspin shares some recommendations.
Now this week, we learn the HHS Inspector General has audited HIT Standards, privacy protection under HIPAA, and other security measures at CMS and the ONC. Their conclusion? "OIG found weaknesses in the two HHS agencies entrusted with keeping sensitive patient records private and secure." Such weaknesses included lax oversight and insufficient standards for healthcare providers.
Business Associates being breached leaves hospitals and healthcare organizations open to scrutiny by the public. Exhibit A.
Strategic planning and basketball go together like wine and cheese.
With so much recent interest in IT security driven by the “meaningful use” incentive program, we want to share some of our observations and perspectives from recent Redspin client engagements in the healthcare industry.
HITECH and the notice of proposed rule making (NPRM) published in the Federal Register July 14, 2010 significantly impact how Covered Entities (CEs) and Business Associates (BAs) manage health IT security risk under HIPAA.
HHS OCR has really taken its new role granted by HITECH seriously because they are seeking to tighten regulations and increase financial penalties.
Since the Breach Report 2010, portable media is trending as one of the easiest ways to find yourself in a data breach scenario.