I was very interested to read a recent article in Healthcare Info Security about the new HIPAA enforcer’s plans. Roger Severino, the new director of the Department of Health and Human Services' Office for Civil Rights (OCR), says his top enforcement priority for the coming year is to find a major, egregious privacy breach to use as an example from which others can learn.
When I came across this article on HealthITSecurity.com: "5 Lessons Learned in OCR HIPAA Settlements" I knew I wanted to share it with you. It reports on the outcome of the past two years of OCR HIPAA settlements and shows how likely it is for healthcare organizations to experience a breach at some point in time. As you will read, when healthcare organizations had a breach that caught them by surprise, they experienced significant reporting efforts and costly fines.
I recently read this article from HealthData Management — Privacy, security issues cause consumers to distrust HIT — published on January 9th, 2017.
With all the news going on today about ransomware and the increased number of privacy breaches, we sometimes forget about how these breaches are eroding the trust patients place with their healthcare provider.
On September 30th, CynergisTek and Iatric Systems teamed up to host a complimentary webinar, “How to Prepare Your Organization for an OCR HIPAA Audit.” In this informative session, industry expert Mac McMillan talked about what we learned from OCR’s first round of audits in 2012 and what we can expect from the revised, permanent audit program. In this session, Mac provided several key takeaways that healthcare providers and vendors need to know before they receive an OCR audit letter.
One thing is for sure…you don’t want to wait until you get a notification letter from the Office for Civil Rights (OCR) to start preparing for a HIPAA compliance audit. Organizations that are going through audits have only one chance to submit all requested documentation, so it’s crucial to get it right!
$5.6 billion. $5,600,000,000. Seeing the amount, instead of just reading the amount, gives it more meaning — at least to me it does. That rather large number is how much privacy breaches cost the healthcare industry annually. Each healthcare organization spends almost $2 Million ($2,000,000) over a 2-year period to address attacks. The most troubling trend is that the attacks on healthcare organizations are on the rise and expected to continue.
I was very interested to read a recent article in Healthcare Info Security about the new HIPAA enforcer’s plans. Roger Severino, the new director of the Department of Health and Human Services'...Read More
When I came across this article on HealthITSecurity.com: "5 Lessons Learned in OCR HIPAA Settlements" I knew I wanted to share it with you. It reports on the outcome of the past two years of OCR...Read More
In my experience, hospitals typically don't add any kind of PHI access logging to their Data Repository reports. This seems like a gap in PHI monitoring. It may be true that HIPAA provides an...Read More
Recently, Ed Ricks, CIO at Beaufort Memorial Hospital had an interview with Marianne Kolbasuk McGee with HealthcareInfo Security. It is a very relevant and timely discussion since The Department of...Read More
The Health and Human Services (HHS) Office for Civil Rights (OCR) announced in August, that it has launched a new initiative to more widely investigate HIPAA breaches of protected health information...Read More
Iatric Systems customer, Ed Ricks, CIO of Beaufort Memorial, shares that “technology can produce useful details to further prove your privacy compliance efforts to federal auditors.” In this recent...Read More
Healthcare is, at its core, based on relationships. And, as with any relationship, trust is foundational to building and maintaining a strong relationship. Trust can be fragile and fleeting. It can...Read More
When hospital clinicians are accessing patient records thousands of times daily, how do you spot the access that’s questionable or worse? Trying to comply with privacy rules can tie a hospital’s IT...Read More
We all know that as EMRs replace paper records, it is impossible to manually review millions of audit logs to check for potential patient privacy breaches. As a result, in the past, most...Read More
I have had many conversations with our customers regarding patient privacy monitoring, including the importance of capturing and mapping key data elements such as Guarantor/Subscriber, Next of Kin,...Read More
One internal value that has always been strong at Iatric Systems is that our Founder and CEO, Joel Berman, cares for his “family” by providing the best healthcare insurance and wellness plans...Read More
On September 30th, CynergisTek and Iatric Systems teamed up to host a complimentary webinar, “How to Prepare Your Organization for an OCR HIPAA Audit.” In this informative session, industry...Read More
One thing is for sure…you don’t want to wait until you get a notification letter from the Office for Civil Rights (OCR) to start preparing for a HIPAA compliance audit. Organizations that are going...Read More
I am often faced with the following question from customers: "Can you tell me specifically what we need to do to comply with HIPAA’s information system activity review requirement…What is ‘reasonable...Read More
In a recent report, "2015 Data Breach Investigations Report," conducted by Verizon, analysts put healthcare security under the microscope and identified that insider snooping (think employee snooping...Read More