According to the Fortified Health Security 2020 report, the healthcare industry is expected to experience a 10-15 percent increase in the number of entities breached in 2020, with providers being the most targeted and exploited segment.
As part of Cybersecurity Awareness Month, we've shared tips so far for "Owning It" with remote access security, "Securing It" with multi-factor authentication, and "Protecting It" against Phishing attacks, and the potential costs of a HIPAA violation. Today I want to talk about how having layers of patient privacy help keep Protected Health Information (PHI) safe.
In support of Cybersecurity Awareness Month, we've shared tips so far for "Owning It" with remote access security, "Securing It" with multi-factor authentication, and today I want to talk about "Protecting It" and the potential costs of a HIPAA violation if you aren't able to protect it (with "it" being PHI).
It has been more than a decade since the HIPAA Security Rule established technical safeguards which require organizations to audit access to electronic protected health information. Since then, auditing programs have continued to grow in size and scope.
Iliana Peters, OCR’s Senior Advisor for HIPAA Compliance and Enforcement, was the featured speaker in the September 19 HealthcareITSecurity.com webinar sponsored by Iatric Systems. Her topic: "What Covered Entities Need to Know about OCR HIPAA Audits." As national lead for OCR enforcement of the HIPAA Rules, she’s uniquely qualified to give us an update on HIPAA audits.
I was very interested to read a recent article in Healthcare Info Security about the new HIPAA enforcer’s plans. Roger Severino, the new director of the Department of Health and Human Services' Office for Civil Rights (OCR), says his top enforcement priority for the coming year is to find a major, egregious privacy breach to use as an example from which others can learn.
When I came across this article on HealthITSecurity.com: "5 Lessons Learned in OCR HIPAA Settlements" I knew I wanted to share it with you. It reports on the outcome of the past two years of OCR HIPAA settlements and shows how likely it is for healthcare organizations to experience a breach at some point in time. As you will read, when healthcare organizations had a breach that caught them by surprise, they experienced significant reporting efforts and costly fines.
I recently read this article from HealthData Management — Privacy, security issues cause consumers to distrust HIT — published on January 9th, 2017.
With all the news going on today about ransomware and the increased number of privacy breaches, we sometimes forget about how these breaches are eroding the trust patients place with their healthcare provider.
On September 30th, CynergisTek and Iatric Systems teamed up to host a complimentary webinar, “How to Prepare Your Organization for an OCR HIPAA Audit.” In this informative session, industry expert Mac McMillan talked about what we learned from OCR’s first round of audits in 2012 and what we can expect from the revised, permanent audit program. In this session, Mac provided several key takeaways that healthcare providers and vendors need to know before they receive an OCR audit letter.
One thing is for sure…you don’t want to wait until you get a notification letter from the Office for Civil Rights (OCR) to start preparing for a HIPAA compliance audit. Organizations that are going through audits have only one chance to submit all requested documentation, so it’s crucial to get it right!