Introduction The HIPAA Security Rule, is a set of national standards designed to help organizations protect PHI that’s created, received, used, or maintained by a healthcare covered entity, with compliance expectations that extend to business associates as well....
Introduction Across the healthcare industry, large physician groups are becoming increasingly common, as investors bring disparate physician practices together to keep up with healthcare challenges and ever-more complex treatment and service delivery needs. Today,...
Protecting PHI: The Buck Stops Here for BAs Introduction With both increased OCR investigations and settlements, many healthcare organizations and business associates are now requesting professional guidance and employing industry recognized tools to help better...
Introduction As the world is more connected to digital life, state and federal agencies are issuing a growing number of standards and mandates focused on data privacy and protection. Across the U.S., many states—for example, California, Nevada, and Maine—have already...
By Bob Chaput, CISSP, HCISPP, CRISC, CIPP/US C/EH Founder & Executive Chairman Introduction The business case for cyber risk management is clear. A cyber incident can lead to consequences that threaten the care and safety of patients. Cyber incidents can also...
In addition to being a HIPAA Security Rule requirement, conducting regular risk analyses is a fundamental business practice, yet many healthcare organizations struggle with the basics, from understanding Introduction Despite many warnings from the Office for Civil...
Introduction Organizations of all sizes struggle with embedding policies and procedures successfully into their day-to-day operations. That’s because for many, these policies fill binders and shared drives, overwhelming employees with pages and pages of instruction...