Patient Privacy

Interoperability and HIE

Regulatory and Compliance

Medical Device Integration

Report Writing


Thanks to You: Security Audit Manager™ Named 2018 KLAS Category Leader

Even though Security Audit Manager™ (SAM) had already been named KLAS category leader three years in a row, before KLAS made their announcement earlier this year, we couldn't help but feel hope, excitement, and nervousness, too. We were confident, but we wondered, "Could we, with the help of our customers, do it again for a fourth consecutive year?"

Read More

Beware the Path of Least Resistance

Based on an Interview with Dan Rossi
Director of Health Information, Privacy and Compliance Officer, Harrington Memorial Hospital

When Privacy and Compliance Officer Dan Rossi talks about protecting patient privacy, he preaches vigilance in this age of technological convenience.

Read More

How to Meet Stricter Patient Privacy Policies with Fewer Resources

Healthcare organizations are finding themselves having to do more with fewer resources, and this resource limitation is most visible in data security and patient privacy. Additionally, the industry as a whole sees more and more data breaches in healthcare facilities of all shapes and sizes. This is putting even further stress on hospitals to protect data from the inside out, as the penalties related to breaches, financial and otherwise, can be severe. 

Read More

Slash patient privacy auditing man-hours with automated data-driven workflows

I have spoken with a lot of patient privacy auditors and compliance officers, and the most common question that I get is:

 “Where do I start?”

They go on to say, "Now that all the data is captured from the different systems that contain PHI, and we have information about the users and patients, what’s next?"

Read More

Security Audit Manager iQ™ Series: Machine Learning is Not Enough for Patient Privacy Monitoring

I recently read an article in Healthcare IT News, Myth busted: Machine learning software isn’t enough, and the title caught my eye.

Mac McMillan, CynergisTek CEO was quoted in the article, and brought up an interesting point of view about machine learning.

Read More

Security Audit Manager iQ™ Series: Patient Privacy Made Smarter

It has been more than a decade since the HIPAA Security Rule established technical safeguards which require organizations to audit access to electronic protected health information. Since then, auditing programs have continued to grow in size and scope.

Read More

Update on HIPAA Audits, from an Insider

Iliana Peters, OCR’s Senior Advisor for HIPAA Compliance and Enforcement, was the featured speaker in the September 19 webinar sponsored by Iatric Systems. Her topic: "What Covered Entities Need to Know about OCR HIPAA Audits." As national lead for OCR enforcement of the HIPAA Rules, she’s uniquely qualified to give us an update on HIPAA audits.

Read More

Ignorance, Bliss, and the Zen of Risk Management

We all probably have heard the old saying “Ignorance is Bliss.”  Many of us, as we get older, look back fondly on our childhood and remember how true that was. Children often have the luxury of being able to go through life without knowing what it's like to have to work to eat, clothe, and shelter themselves and their family. Adulthood, on the other hand, quickly brings the realization that life brings on a multitude of challenges and lots of stress. The simplicity of life and the bliss that accompanies it is what Thomas Gray was talking about when he coined the phrase.  Ahh, to be a child again…

Read More

New HIPAA Enforcer Means Business – Make Sure You’re Prepared

I was very interested to read a recent article in Healthcare Info Security about the new HIPAA enforcer’s plans. Roger Severino, the new director of the Department of Health and Human Services' Office for Civil Rights (OCR), says his top enforcement priority for the coming year is to find a major, egregious privacy breach to use as an example from which others can learn.

Read More

New Lessons on Patient Privacy Breaches and OCR HIPAA Settlements

When I came across this article on "5 Lessons Learned in OCR HIPAA Settlements" I knew I wanted to share it with you. It reports on the outcome of the past two years of OCR HIPAA settlements and shows how likely it is for healthcare organizations to experience a breach at some point in time. As you will read, when healthcare organizations had a breach that caught them by surprise, they experienced significant reporting efforts and costly fines.

Read More