Mike Semel


The 7 HIPAA Audit Items the Feds Selected

By Mike Semel – The Office for Civil Rights announced that the new permanent audit program has started. On July 11 letters were sent BY E-MAIL (check your junk mail folders!) to 167 health plans, health care providers, and health care clearing houses (all HIPAA Covered Entities) notifying them that they have to send in documentation for a ‘desk audit.’ They will have 10 days to send in the required materials for review.


Security & Compliance are Executive Responsibilities

By Mike Semel – By the time you read the ransom note it is too late for your patients/clients, your organization’s reputation, and maybe your career. But it doesn’t have to be. You can deal with Security and Compliance at the executive level now, and invest adequate attention and resources.


The FTC is the New Sheriff in Town

By Mike Semel – Don’t believe “We’re from the government and we are here to help you.” After a data breach in 2006 the FTC settled with ChoicePoint for $ 10 million and a 20-year monitored compliance program. Twenty-Years! In 2012 a company that had a HIPAA data breach was forced out of the state for two years by the Minnesota Attorney General.



Security By Walking Around

By Mike Semel – When we think Cyber-Security we logically think about technology tools to block North Korean or Chinese hackers from breaking into our networks. Those breaches make the news because they are so unique. What is much more common are users doing stupid things that neutralize your investment in security tools.


RIP Your HIPAA Rights Aren’t Buried With You

By Mike Semel – Just because you die your medical information isn’t free for the taking. The HITECH Act of 2009 says that your HIPAA privacy rights continue for 50 years past your death, providing safeguards but also questions, confusion, and frustration.