Blog Posts Tagged with "Business Associate"
Do Subpoenas Trump HIPAA or Trample Security of PHI?
January 12, 2012 Added by:Rebecca Herold
I’ve spoken to many business leaders over the years, and most have gotten serious about ensuring safeguards are in place when putting their signatures on attestations and other types of legally binding documents. So, you need to have documented procedures in place...
Comments (0)
HIPAA Security Rule Toolkit Available from NIST
December 21, 2011 Added by:Headlines
"The NIST HIPAA Security Toolkit Application is intended to help organizations better understand the requirements of the HIPAA Security Rule, implement those requirements, and assess those implementations in their operational environment..."
Comments (1)
HIPAA HITECH and Your Business Associates
May 09, 2011 Added by:Jack Anderson
As part of the webinar series "HIPAA HITECH Compliance for Smarties" we will be presenting a step by step process employing cloud computing to help covered entities set up a program to manage the HIPAA HITECH compliance of their business associates cost effectively and efficiently...
Comments (0)
HIPAA HITECH Compliance: No Substitute for Experience
May 03, 2011 Added by:Jack Anderson
Whether you are a large enterprise looking to manage hundreds of internal business units, a business associate looking to provide proof of compliance, or a very small sub-contractor, a comprehensive privacy and information security program is needed to meet HIPAA HITECH compliance...
Comments (2)
Physician Learns A Hard PHI Lesson
April 20, 2011 Added by:Rebecca Herold
What is important to point out about this case is that the doctor described the patient’s injuries in such a way that an unauthorized third party would be able to identify the person described, even though the doctor did not include any of the 18 specifically-named PHI items...
Comments (0)
Health Net Incident Impacts 1.9 Million: Lessons Learned
April 07, 2011 Added by:Rebecca Herold
Health Net is clearly stating that IBM is responsible for the breach. Guess what? When you outsource business activities to a third party, you do not outsource your responsibility. What was Health Net doing to ensure, on an ongoing basis, that IBM had appropriate safeguards in place?
Comments (0)
Disruptive Innovation in HIPAA HITECH Compliance
April 01, 2011 Added by:Jack Anderson
Healthcare needs disruptive innovation. HIPAA HITECH provides an opportunity to profoundly change information security and privacy by bringing millions of new participants into the picture. HHS estimates that 1-2 million business associates need to become HIPAA HITECH compliant...
Comments (0)
Auditors: Prepare for the "Year of Healthcare Privacy"
March 03, 2011 Added by:Rebecca Herold
Most of the lawyers and regulatory analysts I’ve spoken with have indicated that they anticipate most, if not all, of the proposed changes will be enacted into the Final Rule as law by the end of March 2011. Many changes will result, and eight areas will be significantly impacted...
Comments (0)
Can Cloud Computing Enhance Compliance?
February 27, 2011 Added by:Jack Anderson
Rebecca Herold, recently voted the #3 Best Privacy Advisor in the world and Jack Anderson, CEO of Compliance Helper discuss a new use of cloud computing, or Software as a Service (SaaS) to enhance compliance and improve security and privacy...
Comments (0)
HIPAA: It’s About the Information
February 06, 2011 Added by:Rebecca Herold
It is very important that covered entities (CEs), business associates (BAs) and their subcontractors understand that HIPAA applies to protecting the information. It doesn’t matter what the conduit is for how the information is transmitted, or where it is stored and accessed from...
Comments (0)
Proving HIPAA HITECH Compliance
January 30, 2011 Added by:Jack Anderson
There is no third party authorized by HHS to attest to their compliance such as The Joint Commission or JCAHO can attest to accreditation. Even if they could prove to your satisfaction that they were compliant in January, how would you know that they were compliant in February, or March, etc...
Comments (2)
HIPAA HITECH Compliance for BAs and Sub-Contractors
January 19, 2011 Added by:Jack Anderson
Due to this potential liability CEs are beginning to require proof of compliance before they will do business with a BA or Sub. The big challenge is how to prove compliance so that the CE has "suitable assurance" as required by HIPAA...
Comments (0)
- A Call to Structure
- What CEOs Need to Know About the Future of Cybersecurity
- Who’s Responsible for Your Cyber-Security?
- CERT/CC Warns of Vulnerabilities in Marvell Avastar Wireless SoCs
- Mozilla Concerned of Facebook’s Lack of Transparency
- OWASP: What Are the Top 10 Threats and Why Does It Matter?
- Magento Patches Command Execution, Local File Read Flaws
- The Biggest Security Hurdles in Your Business, and How to Overcome Them
- Four Technologies that will Increase Cybersecurity Risk in 2019
- Strategies for Winning the Application Security Vulnerability Arms Race