Health IT Security and Compliance

Privacy and Direct to Consumer

By Matt Fisher – What is the state of privacy in direct to consumer solutions in healthcare? It is an important question to ask because expectations and reality do not necessarily align. For example, users (patients to a degree) will see a healthcare solution and expect that standard protections will apply.

Read More



Take Care in Healthcare Marketing

By Matt Fisher – The Office for Civil Rights recently provided new lessons when it comes to mixing healthcare marketing and HIPAA. In this case, marketing is being looked at broadly to include not just communications or interactions about an organization subject to HIPAA, but also limits on the use of patient information outside the bounds of the organization.


HIPAA’s Role in Setting Good Security

By Matt Fisher – The Office for Civil Rights is promoting HIPAA as being able to prevent or substantially mitigate the impacts of a cyber attack. It is a bold statement from OCR and one that bears unpacking. Why is OCR asserting that HIPAA can prevent or substantially mitigate a cyber attack?




What Is MFA….and Do I Need It?

By Art Gross – Multi-Factor Authentication, or as it has become commonly known, MFA, is the practice of “doubling down” on your login security. You are using Multiple (more than one) Factors (ways or methods) to Authenticate (verify) your identity when you access an account.