Cybersecurity Reports and Resources
October is Cybersecurity Awareness Month. We have rounded up some reports, guides, and tool kits to help you #BeCyberSmart.
Read MoreOCR
Garbage Can Cause HIPAA Issues
By Matt Fisher – Throwing out the trash is an everyday occurrence whether in personal or business life. However, when it comes to healthcare organizations, it is necessary to think about what trash goes where. The consideration goes beyond the difference between regular waste and hazardous medical waste.
HIPAA Right to Access Enforcement
By Art Gross – The Office for Civil Rights isn’t offering leniency just because you’re a small business. Action will be taken, despite the impact that a HIPAA fine can have on this sector of healthcare. And as eleven recent investigations prove the point, many of those were small practices.
(Multiple) Malware Leads to HIPAA Settlement
By Matt Fisher – After a bit of a lull, meaning pretty much a full calendar quarter, the Office for Civil Rights is back with another HIPAA settlement. The newest settlement involves Oklahoma State University – Center for Health Sciences and a malware incident.
HHS Issues Guidance on HIPAA and Audio-Only Telehealth
The HHS, through its Office for Civil Rights, is issuing guidance on how covered health care providers and health plans can use remote communication technologies to provide audio-only telehealth service when such communications are conducted in a manner that is consistent with…
HIPAA Compliance Audit: What to Expect
By Art Gross – “We’re being audited!” Those words strike fear and uncertainty in most of us – especially if you are in healthcare. But what actually happens in a HIPAA audit? Will a government official show up unannounced with a briefcase and ask for you to produce every bit of your business’s HIPAA documentation while sequestering your team in a conference room? Not quite.
OCR Seeks Public Comment on HITECH Act Security Practices
The U.S. Department of Health and Human Services’ Office for Civil Rights released a Request for Information seeking input from the public on two requirements of the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act), as amended in 2021.
Take Care in Healthcare Marketing
By Matt Fisher – The Office for Civil Rights recently provided new lessons when it comes to mixing healthcare marketing and HIPAA. In this case, marketing is being looked at broadly to include not just communications or interactions about an organization subject to HIPAA, but also limits on the use of patient information outside the bounds of the organization.
HIPAA’s Role in Setting Good Security
By Matt Fisher – The Office for Civil Rights is promoting HIPAA as being able to prevent or substantially mitigate the impacts of a cyber attack. It is a bold statement from OCR and one that bears unpacking. Why is OCR asserting that HIPAA can prevent or substantially mitigate a cyber attack?