« February 2016 | Main | July 2016 »

March 18, 2016

Another One Bites the Dust!

Another day another CE gets whacked for millions for a preventable breach. Further, if you read between the lines the CE likely got whacked for willful neglect as well because it appears to be missing basic policies and procedures. What's the excuse here? Hubris! Surely an organization of this size should have had the basics in place. Either the C-Suite was OK with thumbing its nose at the law or the compliance officer was grossly negligent. Agreeing to pay $3.5M is no small change in addition to whatever the organization had to spend on breach notification, which was likely a lot more.

Posted at 07:14 AM | | Comments (0)

March 17, 2016

Business Associate Agreements & Risk Assessments

I seriously doubt that North Memorial Health Care of Minnesota was "guilty" of just these two violations post its breach, rather these are two that OCR happened to focus on to justify the $1.55M settlement.

If you read the CAP you will see additional action items that North Memorial must complete in order to comply.

Posted at 07:10 AM | | Comments (0)

March 03, 2016

HIPAA Survival Guide Newsletter March 2016

Our article this month is entitled: Revisiting BYOD & Security of Mobile Devices.

It has been about three years since we last wrote about BYOD. During that time all of our predictions have certainly come true and then some. Further, there have been no shortage of lost or stolen devices to confirm our hypothesis that BYOD would wreak havoc in the healthcare workplace (i.e. vis-a-vis potential breaches of PHI). In this article we actually want to be more proactive regarding actually proposing a reasonable, low cost, high value add, (partial) solution to the problem. However, we understand for reasons to be discussed below that this solution is almost certainly not going to be implemented except where there exist visionary (health information technology or "HIT") leaders at the very top of organizations...

You can read the entire article here:

 Our March Webinar will be on the same topic and you can register for this FREE Webinar below.

March Webinar: Revisiting BYOD & the Security of Mobile Devices
Description: Mobile devices, including the addition of the Internet of Things, threaten to create vulnerability vectors orders of magnitude greater that what we have today.
Thursday, March 24, 2016 2:00 PM - 3:30 PM EST
Register Here For The March Webinar

Looking for a simplified way to train your staff on HIPAA Breach Notification?  For a limited time, we are offering our Breach Notification Training Module F*R*E*E* when you sign up for our monthly newsletter (also free).  Go here to get your free training now!

Posted at 10:26 AM | | Comments (0)

My Photo

About

NEWSLETTER


  • ACO COMPLIANCE NEWSLETTER

    Join My ACO Mailing List

  • Email Newsletter icon, E-mail Newsletter icon, Email List icon, E-mail List icon
    Sign up for a FREE
    HITECH / HIPAA
    Compliance Newsletter

    Enter your email address

Categories

CC

Tools

  • Google Analytics

Essays and Such

  • HIPAA Survival Guide (PDF)
    Read the HSG in PDF format.
  • HIPAA Survival Guide (online)
    Practical advice for health care practitioners.

  • Search, KM & the Practice of Law

  • Silicon Stories eBook

  • Dirty Little Secret

  • Competitive Advantage

  • Process Patterns

  • Movie Making and Software Development

  • The Missing Factory

  • Architecture: Shack, House or Skyscraper?

  • The Talent Wars

  • Knowledge Management and Infotainment

  • What comes after what comes next?

May 2017

Sun Mon Tue Wed Thu Fri Sat
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31      

Archives

More...