Health IT Security and Compliance

HIPAA Security Officer

By Art Gross – Recently we went over the role of the HIPAA Privacy Officer and what responsibilities that individual would oversee, as well as what qualifications an ideal candidate would bring to the position. Additionally, HIPAA Regulations require that you formally identify a Security Officer in addition to a Privacy Officer, but they can be the same person.



Privacy and Direct to Consumer

By Matt Fisher – What is the state of privacy in direct to consumer solutions in healthcare? It is an important question to ask because expectations and reality do not necessarily align. For example, users (patients to a degree) will see a healthcare solution and expect that standard protections will apply.





Take Care in Healthcare Marketing

By Matt Fisher – The Office for Civil Rights recently provided new lessons when it comes to mixing healthcare marketing and HIPAA. In this case, marketing is being looked at broadly to include not just communications or interactions about an organization subject to HIPAA, but also limits on the use of patient information outside the bounds of the organization.


HIPAA’s Role in Setting Good Security

By Matt Fisher – The Office for Civil Rights is promoting HIPAA as being able to prevent or substantially mitigate the impacts of a cyber attack. It is a bold statement from OCR and one that bears unpacking. Why is OCR asserting that HIPAA can prevent or substantially mitigate a cyber attack?