In recent years, the healthcare industry has undergone rapid and radical changes that have shifted the way hospitals, medical professionals, and patients interact. Looking forward to 2023, it’s now time to focus on forecasting where healthcare may be headed this coming year and beyond. There are several predictions that healthcare professionals should be aware of as you plan for the new year to make well informed decisions when navigating upcoming changes in healthcare.

It's the most wonderful time of the year, but for healthcare professionals, it can also be one of the busiest. As you celebrate with your family and friends, don't forget about HIPAA policies and other privacy regulations that must be followed even during the holiday season. Here are some tips to help make sure you stay on track and maintain compliance policies while still enjoying all the festivities.

Both new and well-known regulations alike were updated during the COVID-19 pandemic to better support healthcare providers. The Health Insurance Portability and Accountability Act (HIPAA) has seen some modest relaxing of some of its components but remains largely unchanged.

According to the Fortified Health Security 2020 report, the healthcare industry is expected to experience a 10-15 percent increase in the number of entities breached in 2020, with providers being the most targeted and exploited segment.

As part of Cybersecurity Awareness Month, we've shared tips so far for "Owning It" with remote access security, "Securing It" with multi-factor authentication, and "Protecting It" against Phishing attacks, and the potential costs of a HIPAA violation. Today I want to talk about how having layers of patient privacy help keep Protected Health Information (PHI) safe. 

In support of Cybersecurity Awareness Month, we've shared tips so far for "Owning It" with remote access security, "Securing It" with multi-factor authentication, and today I want to talk about "Protecting It" and the potential costs of a HIPAA violation if you aren't able to protect it (with "it" being PHI).

It has been more than a decade since the HIPAA Security Rule established technical safeguards which require organizations to audit access to electronic protected health information. Since then, auditing programs have continued to grow in size and scope.

Iliana Peters, OCR’s Senior Advisor for HIPAA Compliance and Enforcement, was the featured speaker in the September 19 HealthcareITSecurity.com webinar sponsored by Iatric Systems. Her topic: "What Covered Entities Need to Know about OCR HIPAA Audits." As national lead for OCR enforcement of the HIPAA Rules, she’s uniquely qualified to give us an update on HIPAA audits.

I was very interested to read a recent article in Healthcare Info Security about the new HIPAA enforcer’s plans. Roger Severino, the new director of the Department of Health and Human Services' Office for Civil Rights (OCR), says his top enforcement priority for the coming year is to find a major, egregious privacy breach to use as an example from which others can learn.