Phase 2 of the much talked about HIPAA audits will soon begin, and the US Department of Health and Human Services’ Office for Civil Rights (OCR) is all set to review the compliance of covered entities and their business associates with all privacy, security, and breach notification standards set by the Health Information Technology for…
OCR has been repeatedly emphasizing the need to secure health records in order to prevent data breaches. But quite alarmingly, a large number of healthcare providers are yet to implement data security policies and procedures. Health data breaches have been growing at a disturbing rate, and several recent reports and government statements indicate that it…
The lesson to be learned from recent audits – security risk analysis is imperative for all health care enterprises. And this is a measure that cannot be taken lightly! The responsibility of protecting confidential patient data rests with healthcare enterprises and not EHR vendors. That is all the more reason why no organization can afford…
Health records are increasingly becoming the target of hackers worldwide. This disturbing trend has been observed through multiple incidents in the recent past, including the server breach at the Utah Department of Health two years ago, which impacted 780,000 individuals, and the incident at Montana Health Department last month, when the server was breached, impacting…
A thousand incidents and counting, the federal health breach tally hits an all-time high, now listing 1,010 major breaches reported since federal regulators started to track them in September 2009 after the HITECH Act came into effect. These breaches have together affected 31.5 million individuals. The noteworthy fact is that out of these, more than…
The healthcare information breach tally continues to rises steadily despite security regulations and associated legal action. And the latest data breach to grab the headlines is the Montana Breach, where hackers gained access to a health department server, compromising the information of 1.3 million individuals on a DPHHS (Department of Public Health and Human Services)…
In spite of the continued emphasis on the need for protecting Patient Health Information (PHI), there are still few healthcare enterprises who take things for granted! The latest Parkview Health System Inc., HIPAA settlement for a corrective action at $800,000 demonstrates the need for PHI to be protected in all forms, even paper records. The…
No organization can afford to take the risk of inadequate data protection, particularly when it is business associates dealing with sensitive patient information. Under the HIPAA Omnibus Rule, business associates of covered entities are directly liable for HIPAA compliance. However in reality, although healthcare organizations enter into comprehensive business associate agreements, many fail to hold…
Did you always think compliance with HIPAA was cumbersome and expensive? Think again! Its non-compliance that can cause you twice the trouble! The Office for Civil Rights has been doling out fines to ensure that all healthcare entities take notice of HIPAA compliance – and consequently there have been nine settlements since June 1, 2013,…
Besides serious time and resource commitment, every “Meaningful Use” audit results in a lot of stress. Healthcare enterprises heave a sigh of relief after passing an EHR Incentive Program audit, assuming they don’t have to bother anymore as they have proved their meaningful use merit to the Centers for Medicare & Medicaid Services (CMS). But…
