Security & Compliance
21 views | +0 today
Follow
Your new post is loading...
Your new post is loading...
Scooped by Jeff Grady
Scoop.it!

HIPAA Compliance In the Cloud: How to Enhance Data Security and Compliance Through New Technology

HIPAA Compliance In the Cloud: How to Enhance Data Security and Compliance Through New Technology | Security & Compliance | Scoop.it
Barry Peters Perspectives From A BPO (HIPAA Compliance In the Cloud: How to Enhance Data Security and Compliance Through New Technology http://t.co/8NloYxDqc3)...
more...
No comment yet.
Scooped by Jeff Grady
Scoop.it!

HIPAA Final Omnibus Rule: Attorney Says Federal Officials ...

HIPAA Final Omnibus Rule: Attorney Says Federal Officials ... | Security & Compliance | Scoop.it
AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.
more...
No comment yet.
Rescooped by Jeff Grady from healthcare news
Scoop.it!

Handling HIPAA: 4 new provisions providers must know

Handling HIPAA: 4 new provisions providers must know | Security & Compliance | Scoop.it
If knowledge--including patient data--is power, then the U.S.

Via gcheg
more...
No comment yet.
Scooped by Jeff Grady
Scoop.it!

HIPAA compliance in the cloud - Computerworld (blog)

HIPAA compliance in the cloud - Computerworld (blog) | Security & Compliance | Scoop.it
HIPAA compliance in the cloud Computerworld (blog) The new HIPAA Omnibus rule, which went into effect on March 26th, 2013, is kind of like staying at a friend's house – though the rules are way more complicated, and the penalty for non-compliance...
more...
No comment yet.
Scooped by Jeff Grady
Scoop.it!

Regulatory: Compliance deadline for new HIPAA rules is rapidly approaching

Regulatory: Compliance deadline for new HIPAA rules is rapidly approaching | Security & Compliance | Scoop.it
On Jan.17, the Department of Health and Human Services released its long-awaited, final HIPAA rule (Inside Counsel: Regulatory: Compliance deadline for new HIPAA rules is rapidly approaching http://t.co/3rwGRvqlji)...
more...
No comment yet.
Scooped by Jeff Grady
Scoop.it!

HIPAA Encryption in the Cloud: Don’t Sacrifice Performance for Security

HIPAA Encryption in the Cloud: Don’t Sacrifice Performance for Security | Security & Compliance | Scoop.it
Earlier this year, OCR (Office for Civil Rights) Director Leon Rodriguez was quoted on the topic of HIPAA encryption: “…regardless of size, covered entities must take action and will be held accountable for safeguarding their patients’ health...
more...
No comment yet.
Scooped by Jeff Grady
Scoop.it!

Looking at the HIPAA Final Omnibus Rule: An Attorney's Perspective - Healthcare Informatics

Looking at the HIPAA Final Omnibus Rule: An Attorney's Perspective - Healthcare Informatics | Security & Compliance | Scoop.it
Looking at the HIPAA Final Omnibus Rule: An Attorney's Perspective Healthcare Informatics The stringent requirements embedded in what is being called the “HIPAA Final Omnibus Rule”—a set of regulations published by the Office for Civil Rights (OCR)...
more...
No comment yet.
Scooped by Jeff Grady
Scoop.it!

Verifying the specifics of a HIPAA-compliant product - HealthITSecurity.com

PhysBizTech
Verifying the specifics of a HIPAA-compliant product
HealthITSecurity.com
Should vendors that say their products and services are “HIPAA compliant” also have a “Buyer Beware” sticker attached for healthcare organizations?
more...
No comment yet.
Scooped by Jeff Grady
Scoop.it!

September 23, 2013: HIPAA health data security compliance ...

September 23, 2013: HIPAA health data security compliance ... | Security & Compliance | Scoop.it
So what happens on September 23, 2013? That is the deadline for compliance with new HIPAA regulations. If you're thinking HIPAA is “so last decade” then you need to think again, as in HIPAA 2.0. In January of this year, the ...
more...
No comment yet.
Rescooped by Jeff Grady from HIPAA Compliance Seal
Scoop.it!

Deadline To Update HIPAA Materials Is September 23, 2013 - Mondaq News Alerts (registration)

Deadline To Update HIPAA Materials Is September 23, 2013 - Mondaq News Alerts (registration) | Security & Compliance | Scoop.it
Deadline To Update HIPAA Materials Is September 23, 2013
Mondaq News Alerts (registration)
The final rules went into effect on March 26, 2013; covered entities and business associates must comply with the final rule by September 23, 2013.

Via Tony Hardman
more...
Tony Hardman's curator insight, August 7, 2013 5:35 PM
Contemplating a HIPAA Compliance Seal

 

The Pros and Cons of 3rd Party Attestations

http://blog.securestate.com/contemplating-a-hipaa-compliance-seal/

Rescooped by Jeff Grady from HIPAA Compliance Seal
Scoop.it!

The Complexity of Data Privacy and Compliance under HIPAA-HITECH

The Complexity of Data Privacy and Compliance under HIPAA-HITECH | Security & Compliance | Scoop.it

The federal government released final rules pertaining to Privacy, Security, and Breach reporting compliance under the Health Information Technology for Economic and Clinical Health (HITECH) Act.


Via Darshan, Tony Hardman
more...
Tony Hardman's curator insight, August 7, 2013 5:36 PM
Contemplating a HIPAA Compliance Seal

 

The Pros and Cons of 3rd Party Attestations

http://blog.securestate.com/contemplating-a-hipaa-compliance-seal/

Rescooped by Jeff Grady from HIPAA Compliance Seal
Scoop.it!

HIPAA Omnibus Rule Means Tighter Security, Privacy & Compliance - eDocSecure Compliance Solutions | HIPAA-HITECH Consulting

HIPAA Omnibus Rule Means Tighter Security, Privacy & Compliance - eDocSecure Compliance Solutions | HIPAA-HITECH Consulting | Security & Compliance | Scoop.it

HIPAA Omnibus Rule Means Tighter Security, Privacy & Compliance (http://t.co/m3sAT2XvdR)


Via Darshan, Tony Hardman
more...
Tony Hardman's curator insight, August 7, 2013 5:37 PM
Contemplating a HIPAA Compliance Seal

 

The Pros and Cons of 3rd Party Attestations

http://blog.securestate.com/contemplating-a-hipaa-compliance-seal/

Rescooped by Jeff Grady from HIPAA Compliance Seal
Scoop.it!

Meeting the HIPAA Omnibus Rule Compliance Deadline: What Providers Need to Know


Via Carla Gentry CSPO, Tony Hardman
more...
Carla Gentry CSPO's curator insight, July 23, 2013 10:55 AM

In order to comply with the Omnibus Rule, providers must update their internal privacy policies to reflect the changes to the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule. Below are certain key changes that a provider will likely need to make to its internal privacy policies. - See more at: http://www.mcguirewoods.com/Client-Resources/Alerts/2013/6/Meeting-HIPAA-Omnibus-Rule-Compliance-Deadline-What-Providers-Need-Know.aspx#sthash.EEc4BIiU.dpuf

Tony Hardman's curator insight, August 7, 2013 5:37 PM
Contemplating a HIPAA Compliance Seal

 

The Pros and Cons of 3rd Party Attestations

http://blog.securestate.com/contemplating-a-hipaa-compliance-seal/

Scooped by Jeff Grady
Scoop.it!

6 things organizations are doing that are not HIPAA compliant

HIPAA Omnibus Rule enforcement is coming next month, Now is a good time to look at common HIPAA violations. Here is a list of common HIPAA violations.
more...
No comment yet.
Scooped by Jeff Grady
Scoop.it!

5 Tips To Ensure A HIPAA Compliant Hosting Provider

5 Tips To Ensure A HIPAA Compliant Hosting Provider | Security & Compliance | Scoop.it
Compliance is always a tricky and complex subject, and HIPAA compliance takes this complexity to an even higher level.
more...
No comment yet.
Scooped by Jeff Grady
Scoop.it!

In HIPAA “Possession” is 10/10ths of The Law - Healthcare Informatics (blog)

In HIPAA “Possession” is 10/10ths of The Law - Healthcare Informatics (blog) | Security & Compliance | Scoop.it
In HIPAA “Possession” is 10/10ths of The Law Healthcare Informatics (blog) Business associates are responsible for compliance with the full HIPAA Security Rule and those portions of the Privacy Rule that apply to what they are doing on behalf of...
more...
No comment yet.
Scooped by Jeff Grady
Scoop.it!

Business Associates

Obamacare HIPAA HITECH-all I want to do is care for my patients-here's some new regs/rules for us minions. http://t.co/Tu38EKZjEU
more...
No comment yet.
Scooped by Jeff Grady
Scoop.it!

HIPPA Re-Boot D-Day: September 23rd

HIPPA Re-Boot D-Day: September 23rd | Security & Compliance | Scoop.it
September 23, 2013 is the date that medical practices and other covered healthcare entities will roll out a new Notice of Privacy Practices to patients to be compliant with the HIPAA Omnibus rule (Are you ready for #HIPAA re-boot D-day?
more...
No comment yet.
Rescooped by Jeff Grady from Health
Scoop.it!

New HIPAA Omnibus Rules 2013

The HIPAA Covered Entities must update their policies, procedures, and Notices of Privacy Practices according to the New HIPAA Omnibus Update by September 23rd, 2013; or they have to pay a fine of $50,000 per day.

Via Steve Armstrong
more...
No comment yet.
Scooped by Jeff Grady
Scoop.it!

Is a Pharmacy a Covered Entity Under HIPAA? | Physicians Practice

Is a Pharmacy a Covered Entity Under HIPAA? | Physicians Practice | Security & Compliance | Scoop.it
Here's a look at what covered entities are under the HIPAA Omnibus Rule and where pharmacies that work with your medical practice fit in.
more...
No comment yet.
Scooped by Jeff Grady
Scoop.it!

ADA HIPAA kit addresses new rules - American Dental Association ...

ADA HIPAA kit addresses new rules - American Dental Association ... | Security & Compliance | Scoop.it
Time waits for no one, nor do changes to HIPAA rules. The Health Insurance Portability and Accountability Act protects patients' interests. To reinforce that protection—and protect your practice at the same time—consider ...
more...
No comment yet.
Scooped by Jeff Grady
Scoop.it!

OCR, Affinity Health Plan reach HIPAA violation agreement ...

The Office for Civil Rights (OCR) and Affinity Health Plan (AHP) reached a $1215780 HIPAA violation settlement for a data breach that dates back to 2010.
more...
No comment yet.
Rescooped by Jeff Grady from HIPAA Compliance Seal
Scoop.it!

HIPAA concerns drive cloud-based data sharing

HIPAA concerns drive cloud-based data sharing | Security & Compliance | Scoop.it
Do you use Dropbox, YouSendIt, or email to send images and other patient data to your lab or colleagues? If so, you might want to rethink the practice, given the growing emphasis on HIPAA compliance and patient privacy.

Via The Smile Generation, Tony Hardman
more...
Tony Hardman's curator insight, August 7, 2013 5:36 PM
Contemplating a HIPAA Compliance Seal

 

The Pros and Cons of 3rd Party Attestations

http://blog.securestate.com/contemplating-a-hipaa-compliance-seal/

Rescooped by Jeff Grady from HIPAA Compliance Seal
Scoop.it!

Building HIPAA compliance, patient privacy investment business cases

Selling senior leadership on HIPAA compliance and patient privacy investments is difficult; here are tips to help outline the business case.

Via AnalyticsInnovations, Tony Hardman
more...
Tony Hardman's curator insight, August 7, 2013 5:36 PM
Contemplating a HIPAA Compliance Seal

 

The Pros and Cons of 3rd Party Attestations

http://blog.securestate.com/contemplating-a-hipaa-compliance-seal/

Rescooped by Jeff Grady from HIPAA Compliance Seal
Scoop.it!

HIPAA Breaches in the Cloud

HIPAA Breaches in the Cloud | Security & Compliance | Scoop.it

Two recent incidents at Oregon Health & Science University involved inappropriate storage of unencrypted patient information in the cloud.


Via Karl Wabst, Tony Hardman
more...
Karl Wabst's curator insight, August 1, 2013 1:12 PM

Changes to HIPAA regulations, adoption of cloud technologies and lack of training are being blamed for a privacy / security breach.

 

3 thoughts:

 

Organizational change, e.g. new regulations and / or technologies greatly increases the likelihood of errors and fraud. Focusing on the technical changes and giving limited attention to people / behavior change is going to increase failure.

 

Physicians violated policy by posting data on 3,000 patients in unencrypted spreadsheets so they could share information. Certainly, the hospital failed in training and monitoring the behavior of its employees.

 

The hospital did not have a BA Agreement with Google, even though the TOS indicate data stored with the Internet-based provider "can be used for the 'purpose of operating, promoting, and improving its services, and to develop new ones. Never give vendors permission to use your proprietary / sensitive data to develop new services! This is bad business practice. Vendors / Partners can easily become competitors. Why give them an edge?

 

 

Tony Hardman's curator insight, August 7, 2013 5:36 PM
Contemplating a HIPAA Compliance Seal

 

The Pros and Cons of 3rd Party Attestations

http://blog.securestate.com/contemplating-a-hipaa-compliance-seal/