Breaking Down The Health Industry Cybersecurity Practices (HICP)
In this episode of Digital Checkup, Bill Siwicki asked Gerry Blass about the new Health Industry Cybersecurity Practices (HICP) Final Rule.
Briefings on HIPAA Article Shines Light on Need for Better Patient Access
A February 1 article published in Briefings on HIPAA focuses on recent findings from the Office for Civil Rights’ much-anticipated 2016-2017 HIPAA Audits Industry Report released in December 2020. The article shines light on some of the flaws and challenges in the way patient access to information has been handled over the years.
HIPAA and COVID-19 – A Timeline of OCR Notifications and Guidelines
We know. It can be difficult to find accurate and consistent information on HIPAA and the temporary changes due to COVID-19. To that end, we’ve put together a timeline and brief descriptions of the notifications and guidance issued by the OCR during the COVID-19 public health emergency.
Is Meaningful Use Still Meaningful?
Originally designed as part of HITECH to encourage providers to adopt electronic health records (EHRs), meaningful use was a means to an end – towards improved population health and better patient care among fragmented providers. The program prioritized five pillars of health outcomes:
GDPR Impact on US Healthcare Organizations
The General Data Protection Regulation (GDPR) is the European Union (EU) regulation on privacy and security of personally identifiable information (PII). It goes into effect on May 25, 2018. This blog provides an important comparison between GDPR and HIPAA.
Third Party (BA) Contract and Privacy and Security Risk Management
The HITECH-OMNIBUS final rule stepped up the requirements and for both CEs and BAs and both must now include the new requirements in their information privacy and security risk analysis and management program.
Office of Civil Rights Phase 2 HIPAA Audit Protocols
Based on prior statements from the OCR and their recently distributed survey, the pool of audit candidates will be approximately 800 to start. These randomly selected organizations will be chosen using the National Provider Identifier database and other external sources.
Workforce Risk and the Evolution of the Breach of Protected Health Information (PHI)
Who would have thought back in 1990 that someone in China or Russia or anywhere would be able to steal health information in a hospital in Anytown USA and even hold it for ransom.
Back to the Future – Root cause of Information Security Breaches
Healthcare seems to be the #1 target for hackers and ransomware and there are two (2) main reasons that make up the root cause.
Business Intelligence and Big Data – What are the HIPAA Privacy and Security Impacts?
Since we are talking about healthcare information we must talk about protected health information (PHI) and the HIPAA-HITECH-OMNIBUS Privacy, Security, and Breach Notification Rules. BI and Big Data analysis that includes PHI and its use and disclosure must be reviewed against the HIPAA security and privacy requirements and the breach notification requirements.