Healthcare Information Security

HIPAA Compliance

Will HIPAA Compliance be Affected by Ebola?

by Elizabeth Snell

Healthcare organizations need to ensure they remain HIPAA compliant while still keeping the public properly informed about the Ebola virus. The Ebola virus has been making national headlines for months, and healthcare organizations have been...

HIPAA Technical Safeguards: A Basic Review

by Elizabeth Snell

It’s critical to review the requirements of HIPAA technical safeguards to ensure that your healthcare organization is compliant and able to keep PHI safe. While no healthcare organization can guarantee that a data breach will never take...

Patient Privacy, HIPAA Violation Case Argued in Calif. Court

by Elizabeth Snell

A California medical center has gone to court over accusations that it violated patient privacy by releasing a patient’s private medical information. Patient privacy rights and HIPAA compliance are taking center stage in a California court,...

HIPAA Compliance Will Be Reviewed in OIG 2015 Work Plan

by Elizabeth Snell

The OIG released its 2015 work plan, which includes a review of hospitals’ contingency planning and if they are HIPAA compliant. The US Department of Health and Human Services Office of Inspector General (OIG) will bring a greater...

Doctors Can Be Sued for HIPAA Negligence, Says Conn. Court

by Elizabeth Snell

The state Supreme Court ruled that physicians can be sued for HIPAA negligence if it violates certain regulations. Patients can sue a medical office for HIPAA negligence if it violates regulations that dictate how healthcare organizations must...

Five HIPAA Omnibus Compliance Myths

by Elizabeth Snell

The HIPAA Omnibus Rule was significant for the healthcare industry. Many of the rule’s stipulations drastically affected how covered entities, business associates (BAs) and subcontractors handle risk management and breach notification....

HITRUST Common Security Framework: Tips for Healthcare Facilities

by Elizabeth Snell

The HITRUST Common Security Framework (CSF) is an important tool that healthcare organizations of all sizes can use in their approach to regulatory compliance and risk management. But what exactly are the basics of the CSF program, and what can...

HIPAA Business Associate Agreements: What Needs to be Included?

by Elizabeth Snell

Healthcare organizations should take the time to review the regulations for HIPAA Business Associate Agreements. The deadline for all HIPAA business associate agreements (BAAs) to be up to date and in line with the regulations set forth by the...

Fla. Court: HIPAA Not Violated in Malpractice Reform

by Elizabeth Snell

A federal appeals court ruled that it is not a HIPAA violation for physician defendants to have equal access to plaintiffs’ health information. Physician defendants can have equal access to plaintiffs’ health information, as it is not in...

Key HIPAA Compliance Resources for Healthcare Providers

by Sponsored Content

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was designed to improve the efficiency and effectiveness of the nation’s healthcare system. However, it is important for healthcare organizations to remain current on any...

West Virginia REC offers provider security, privacy tips

by Patrick Ouellette

The Office of the National Coordinator for Health Information Technology (ONC) shared news this week that Regional Extension Centers (RECs) have aided more than 100,000 healthcare organizations in EHR adoption and Stage 1 Meaningful Use attestation....

Updating HIPAA BAAs before Sept. 23, 2014: Compliance tips

by Patrick Ouellette

With fall quickly approaching, the last compliance piece to the HIPAA Omnibus Rule is coming up quick as well. As of September 23, 2014, all HIPAA business associate agreements (BAAs) must be up to date and in line with the regulations set forth...

UC Davis Health creates EHR, user access provisioning tool

by Patrick Ouellette

UC Davis Health System (UCDHS) recently published a study that detailed how it created a new tool that has improved clinical efficiency, user access provisioning and EHR security. UC Davis Health System was an early EHR adopter, but it had previously...

Healthcare cybersecurity, compliance: Avoidable breaches

by Patrick Ouellette

It’s safe to say that many healthcare IT security and compliance professionals read data breach headlines with great interest in that they’re both relieved it’s not their organization and are already thinking of what they can...

How healthcare can learn from retail’s IT security mistakes

by Patrick Ouellette

There’s little doubt the healthcare industry’s perception of security and compliance has changed to a serious one within the past few years. While regulatory demands and business needs are certainly strong drivers, what should healthcare...

How RECs can help providers with HIPAA education, awareness

by Patrick Ouellette

When small providers try to fill gaps in working toward maintaining HIPAA compliance, many healthcare experts see Regional Extension Centers (RECs) as valuable educational assets. There are 62 RECs across the United States that are working with...

HIPAA Omnibus Rule webcast: New regulation considerations

by Patrick Ouellette

Most experienced healthcare professionals know that there is no beginning or end to HIPAA compliance. Organizations must be continually working toward compliance while being able to show evidence of compliance. The HIPAA Omnibus Rule was released...

How healthcare providers should reinvest in IT security

by Patrick Ouellette

For years, Reza Chapman, who works in the Health Care Advisory Services practice at EY (formerly Ernst & Young), has seen healthcare organizations not invest as much as needed in IT security. As a result of HIPAA Omnibus Rule requirements...

Evidence of HIPAA compliance tips for healthcare providers

by Patrick Ouellette

Just last week, the Department of Health and Human Services (HHS) revealed $4.8 million worth of HIPAA fines for New York and Presbyterian Hospital and Columbia University. And Mac McMillan, CEO of CynergisTek, Inc., recently told

How will OCR fill HIPAA enforcement leadership openings?

by Patrick Ouellette

Now that Susan McAndrew, former Deputy Director for Health Information Privacy at the Office for Civil Rights (OCR), has retired, what will be the short and long-term effects within OCR? It’s important to note that McAndrew’s retirement...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks