Healthcare Information Security

HIPAA Compliance

Healthcare cybersecurity, compliance: Avoidable breaches

by Patrick Ouellette

It’s safe to say that many healthcare IT security and compliance professionals read data breach headlines with great interest in that they’re both relieved it’s not their organization and are already thinking of what they can...

How healthcare can learn from retail’s IT security mistakes

by Patrick Ouellette

There’s little doubt the healthcare industry’s perception of security and compliance has changed to a serious one within the past few years. While regulatory demands and business needs are certainly strong drivers, what should healthcare...

How RECs can help providers with HIPAA education, awareness

by Patrick Ouellette

When small providers try to fill gaps in working toward maintaining HIPAA compliance, many healthcare experts see Regional Extension Centers (RECs) as valuable educational assets. There are 62 RECs across the United States that are working with...

HIPAA Omnibus Rule webcast: New regulation considerations

by Patrick Ouellette

Most experienced healthcare professionals know that there is no beginning or end to HIPAA compliance. Organizations must be continually working toward compliance while being able to show evidence of compliance. The HIPAA Omnibus Rule was released...

How healthcare providers should reinvest in IT security

by Patrick Ouellette

For years, Reza Chapman, who works in the Health Care Advisory Services practice at EY (formerly Ernst & Young), has seen healthcare organizations not invest as much as needed in IT security. As a result of HIPAA Omnibus Rule requirements...

Evidence of HIPAA compliance tips for healthcare providers

by Patrick Ouellette

Just last week, the Department of Health and Human Services (HHS) revealed $4.8 million worth of HIPAA fines for New York and Presbyterian Hospital and Columbia University. And Mac McMillan, CEO of CynergisTek, Inc., recently told HealthITSecurity.com...

How will OCR fill HIPAA enforcement leadership openings?

by Patrick Ouellette

Now that Susan McAndrew, former Deputy Director for Health Information Privacy at the Office for Civil Rights (OCR), has retired, what will be the short and long-term effects within OCR? It’s important to note that McAndrew’s retirement...

Office for Civil Rights veteran Susan McAndrew retires

by Patrick Ouellette

Susan McAndrew, former Deputy Director for Health Information Privacy at the Office for Civil Rights (OCR), officially retired from Federal service on Friday, May 2, 2014. McAndrew was responsible for implementing and enforcing the HIPAA Security...

OIG report looks into Medicaid agency HIPAA BAA compliance

by Patrick Ouellette

A recent Office of Inspector General (OIG) report concentrated on how all 56 Medicaid agencies handle outsourcing administrative functions offshore, including whether they have HIPAA business associate agreements (BAAs) in place. The OIG found...

Unifying healthcare providers’ HIPAA and fundraising needs

by Patrick Ouellette

Ensuring that privacy and security needs don’t deter from a healthcare organization’s business initiatives, and vice-versa, requires the organization to have a strong understanding of the HIPAA Omnibus rule’s terminology. For...

Office for Civil Rights: HIPAA audits to be narrower in scope

by Patrick Ouellette

Details of the second phase Department of Health and Human Services (HHS) Office for Civil Rights (OCR) HIPAA audits are beginning to filter through and healthcare organizations would be smart to pay attention to OCR’s audit plans. It’s...

TigerText’s HIPAA guarantee: Provider, vendor ramifications

by Patrick Ouellette

Most healthcare professionals will agree that there are more secure messaging options out there than they can count. With different vendors competing against each other for hospital and provider business with their own versions of mobile platforms...

HHS, Medscape activity offers EHR privacy, security tips

by Patrick Ouellette

As the Department of Health and Human Services (HHS) reminded the HIMSS14 audience of a few months ago, HHS has been making concerted efforts to offer providers as many HIPAA related resources as possible. One of the latest pieces of content...

Involving nurses in mHealth strategy may boost security

by Patrick Ouellette

When considering how clinical and innovation requirements fit into their mobile strategy, some organizations don’t consider nurses’ needs as well. Spyglass Consulting Group recently released “Point of Care Communications for...

Calculating mental health data exposure ramifications

by Patrick Ouellette

When discussing patient privacy, mental and behavioral health records have a higher standard of care because of the sensitive nature of the information. Mental health patients have the subjective right to decide what is and isn’t available...

mHealth adoption creates data security challenges

by Nicole Freeman

The use of mobile devices within healthcare (mHealth) is rising as physicians, nurses, and other healthcare providers enjoy the portability and flexibility that mobile devices allow. Smart phones, tablets, and laptops provide easy access to health...

Survey: Data breach risk biggest concern for mHealth use

by Nicole Freeman

According to a recent Axway survey conducted during HIMSS14, data breaches are the biggest concern in mobile health (mHealth) technology for healthcare IT professionals. Axway is a provider of data flow management software, and its poll surveyed...

Small organizations’ steps toward 2014 HIPAA audit readiness

by Patrick Ouellette

While working directly with healthcare organizations on the challenges that HIPAA and HITECH present, Tony Kong, Director of the West Monroe Partners healthcare practice, believes there are reasonable compliance steps that organizations can take...

Healthcare provider advice in gearing up for 2014 HIPAA audits

by Patrick Ouellette

With the Office for Civil Rights (OCR) in the midst of organizing its 2014 HIPAA auditing program, now is a good time for healthcare providers to begin assessing their state of compliance and determine their readiness for these potential audits....

OCR readies pre-audit survey for HIPAA covered entities, BAs

by Patrick Ouellette

The Office for Civil Rights (OCR) began to set the table for its 2014 auditing program when it published an information collection request for HIPAA covered entities and business associates (BAs) in the Federal Register yesterday. While the exact...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks