By Art Gross – The process of assessing your business when it comes to HIPAA Compliance will likely present you with the opportunity to review all the components that contribute to your professional structure and setup. This will likely include a website.Read More
Health IT Security and Compliance
By Art Gross – Recently we went over the role of the HIPAA Privacy Officer and what responsibilities that individual would oversee, as well as what qualifications an ideal candidate would bring to the position. Additionally, HIPAA Regulations require that you formally identify a Security Officer in addition to a Privacy Officer, but they can be the same person.
By Art Gross – Under the HIPAA Privacy Rule, there must be one individual who is identified as the Privacy Officer. What does that mean? Is it a paid job? What are the requirements? Are they the ones who will be accountable in the case of a violation or if a data breach should occur?
By Matt Fisher – What is the state of privacy in direct to consumer solutions in healthcare? It is an important question to ask because expectations and reality do not necessarily align. For example, users (patients to a degree) will see a healthcare solution and expect that standard protections will apply.
EHNAC and HITRUST announced a partnership to strengthen the framework of the Trusted Network Accreditation Program. TNAP seeks to promote interoperability by assuring the security and privacy of trusted networks and the use of enabling technologies in the healthcare ecosystem.
By Art Gross – Many people in healthcare make the incorrect assumption that their business won’t be a target for cybercriminals because they are “just a one-man show” or “aren’t part of a big network”. Neither way of thinking is wise.
By Art Gross – Are you familiar with the IoT or the Internet of Things? In healthcare, the Internet of Medical Things, or IoMT, includes the applications and medical devices that connect to the medical system through online computer networks.
By Matt Fisher – The Office for Civil Rights recently provided new lessons when it comes to mixing healthcare marketing and HIPAA. In this case, marketing is being looked at broadly to include not just communications or interactions about an organization subject to HIPAA, but also limits on the use of patient information outside the bounds of the organization.
By Matt Fisher – The Office for Civil Rights is promoting HIPAA as being able to prevent or substantially mitigate the impacts of a cyber attack. It is a bold statement from OCR and one that bears unpacking. Why is OCR asserting that HIPAA can prevent or substantially mitigate a cyber attack?