Live Support Software

HIT Security Column

New HIPAA Security Risk Assessment Tool Misses Mark

New HIPAA Security Risk Assessment Tool Misses Mark

 HIPAA Security Risk Assessment tool has serious flaws You would think that the US Department of Health and Human Services (HHS) Office of the National Coordinator’s (ONC) would have learned something from the healthcare.gov website fiasco. ONC should have better tested its new HIPAA Risk Assessment tool to avoid the embarrassment of another failed web […]

March 31, 2014 | By More
Hackers Are the New HIPAA Enforcers

Hackers Are the New HIPAA Enforcers

Most discussions of HIPAA enforcement center on audits and fines from the Office for Civil Rights (OCR). But I believe that wider compliance will come only when providers recognize that the real danger comes from deliberate data theft. First, some sobering statistics. There has been a 100 percent increase in cyber-attacks on medical organizations since […]

March 23, 2014 | By More
Can a Terminated User Cause a Breach ?

Can a Terminated User Cause a Breach ?

How Good Is Your Terminated User Checklist? Having a former employee access electronic Protected Health Information (ePHI) is a data breach.  In today’s computing environment terminating employee access can mean a lot more than just denying logins to your network and your Electronic Health Record (EHR) system. It can also be a challenge because more […]

March 17, 2014 | By More
L.A. Business Associate Causes HIPAA Breach of 165,000 Health Records

L.A. Business Associate Causes HIPAA Breach of 165,000 Health Records

A Business Associate working for the L.A. County department of health has caused a massive HIPAA breach of more than 165,000 health records. The breach occurred when eight laptops were stolen from Sutherland Healthcare Solution’s offices on February 5th. Now, anyone can suffer a break-in, so why do I write that the breach was the […]

March 11, 2014 | By More
HIPAA Enforcement Blind Spots

HIPAA Enforcement Blind Spots

HIPAA Enforcement goes beyond the OCR HIPAA enforcement has increased in recent years, but the US Department of Health and Human Services Office for Civil Rights (OCR) still only fines a few organizations out of the thousands of investigations it conducts. Many believe that OCR won’t ever catch them, which is probably true. However, HIPAA enforcement […]

March 3, 2014 | By More
Windows XP Debate Continues

Windows XP Debate Continues

What risks can you effectively manage? I am glad that some readers are engaged enough to vocally disagree with my recent article about Windows XP not being an acceptable risk after it loses its security patches and updates on April 8. While I do not agree with some of their opinions, I will not relegate […]

February 14, 2014 | By More
Lessons from the Target Data Breach

Lessons from the Target Data Breach

5 Things Even the Smallest Doctor’s Office Should Learn A doctor’s oath to “Do No Harm” also means they need to protect patient data. Protecting confidential  information is providing good health care. Identity theft can last a lot longer than an illness or injury. Just ask the victims of the Target data breach. Whether you […]

February 9, 2014 | By More