HIT Security Column by Mike Semel
Encryption is coming FAST… so don’t wait A state health department lost an unencrypted hard drive and paid a $ 1.7 million penalty. The health department would have saved $ 1,699,900 if it had spent $ 100 to encrypt the drive. A doctor lost an unencrypted laptop while traveling, resulting in a $ 1.5 million […]
Will Your Job Survive a Meaningful Use Audit? The Meaningful Use program can help offset technology costs or could cost your hospital or practice millions of dollars. It could also cost you your career. Having to return money can mean more than just a hit to your organization’s finances. If your hospital or practice fails […]
Everyone complains that the HIPAA Security Rule is inconvenient— which it is— but it doesn’t mean you can break the security rules in your medical office any more than you can break security rules at airports, government buildings, and sporting events. Here are a few examples of the HIPAA Security Rule Required and Addressable controls that we see medical practices ignoring on a regular basis.
Yes you are a HIPAA Business Associate! It’s what the law says that counts! HIPAA Business Associate Avoidance The HIPAA Omnibus Final Rule (see page 5572) was announced in January, 9 months ago, and was very clear that a business that stores electronic Protected Health Information, even if it doesn’t access it, is a HIPAA Business Associate. […]
Avoid a Costly HIPAA Data Breach with a Risk Analysis Do you think that HIPAA is just some annoying and expensive government intrusion without any cause? Do you think that all patient data is stored securely in your Electronic Health Record (EHR) system? Do you wonder why the government requires secure e-mail systems for healthcare […]
Being HIPAA Compliant is a Journey So, September 23, 2013, the HIPAA Omnibus Final Rule Enforcement Deadline, has come and gone, and you – the HIPAA Security Officer— are sitting back feeling confident that the HIPAA compliant policies, procedures, training, risk analysis, and all the other tasks you scrambled to finish are done. It’s time […]
The question about a lawyer or an accountant being a HIPAA Business Associate is directly related to several sections of the HIPAA Security Rule framework to protect electronic health information. It is even more important today with the HIPAA Business Associate and subcontractor changes in the HIPAA Omnibus Final Rule that will be enforced after September 23, 2013. Just like security after 9/11, HIPAA is changing the business landscape forever. You no longer have to be a healthcare company to be responsible for the protection of Protected Health Information (PHI.) With health care organizations now more responsible than ever for the compliance of their vendors, lawyers and accountants have to step up and become compliant with HIPAA.