As the national security standard for protecting patient health information, HIPAA stands as a safeguard for medical information. But Christopher Fuller of TechRepublic.com was recently quoted to say “The biggest challenge presented by HIPAA is to accurately and consistently protect…
Posts for companies dealing with protected health information (PHI) to help ensure that all the required physical, network, and process security measures are in place and followed.
The healthcare industry is now one of the top three industries cyber attackers are targeting. No matter what type of facility you work in – a hospital, clinic, medical center, health insurance company, or one that provides business or clinical services for health care – the data you store is worth millions of dollars on the dark web. Attackers can hold a hospital hostage, freeze operations and disrupt critical medical processes until they get what they want. A recent breach with a global impact showed
us just how unprepared the healthcare industry is.
What once was a seller’s market has now clearly become a buyer’s market, and the effects of that change are significant. With the freedom to utilize services outside of their traditional firm, clients are demanding more value for services received. Is your firm adapting to this shift in the legal relationship dynamic to meet the needs of 21st century customers?
The Health and Human Services Office of Civil Rights (OCR) has been doing limited audits to ensure covered entities and business associates are in compliance with regulations governing health information privacy, security, and breach notification activities. This limited Phase 1 has involved about 100 entities over the past year. Information gathered during this limited roll-out has been used to re-tool for a more broad-based audit moving forward. In fact, phase 2 was announced back in March – this phase includes both covered entities AND their business associates.