A 2016-2017 HIPAA Audits Industry Report shows that many organizations struggle with risk analysis. Learn about key takeaways from the report as well as advice from industry experts.
OCR report shows risk analysis remains an issue for organizations In addition to struggling to properly fulfill patient records requests,
Four Reasons to Recapture Compliance in 2021
Why the pandemic shouldn’t stop providers from focusing on critical security and compliance gaps. By Gerry Blass and Helen Oscislawski, Esq.
COVID-19: Business Continuity Lessons Learned
Not only did the COVID-19 global pandemic change the way care is provided, it changed how security and compliance programs needed to be structured, especially with regard to disaster preparedness and business continuity. Though healthcare organizations typically have disaster recovery and business continuity (DR/BC) plans in place, it can often be difficult to operationalize those plans when a disaster arises.
8 Things You Need to Know About HITRUST Compliance
If you’re considering HITRUST compliance as a cybersecurity framework, here is a list of the top 8 points you should consider before moving ahead.
HIPAA and COVID-19 – A Timeline of OCR Notifications and Guidelines
We know. It can be difficult to find accurate and consistent information on HIPAA and the temporary changes due to COVID-19. To that end, we’ve put together a timeline and brief descriptions of the notifications and guidance issued by the OCR during the COVID-19 public health emergency.
A Broader Lens Into Vendor Risk Management
With a seemingly infinite number of digital pathways right to the doorsteps of healthcare providers, we need to work even harder to protect information that could be exposed online. That includes vendor risk management…
Protecting Health Information In The COVID-19 Era
Even prior to the COVID-19 pandemic, ransomware attacks were on the rise. “COVID has simply increased risk of attacks due to more locations with a remote workforce, [protected health information] through telehealth, more phishing attacks, more opportunities that hackers like to take advantage of.”
Sharing Patient Information: Pros, Cons and Implications
The news late last year around Project Nightingale aroused interest from both healthcare organizations and the public on how and when protected health information (PHI) should be shared. With new technologies, new entrants to the healthcare market, how can healthcare providers balance HIPAA, cybersecurity protections, and the need to easily share data to improve patient care?
Keeping Networks Secure In The Age Of Telecommuting
Though telecommuting was on already on the rise at a rate of 2-3% per year, the COVID-19 pandemic required healthcare organizations to re-evaluate work from home policies and quickly enable a remote workforce. But, in the midst of a pandemic, when you have to act as quickly as possible, how do you also make sure your networks and operations are still protected?
COVID-19 Puts Disaster Preparedness Plans to the Test
For compliance-minded HIM professionals, the COVID-19 pandemic presented curve ball after curve ball thanks to the flood of waivers from the federal government temporarily loosening certain HIPAA and telehealth regulations.
Did You Know? HIPAA Compliance Consultants Can Implement NIST CSF
With the exponential growth in vulnerabilities over the past decade, healthcare organizations look to supplement HIPAA regulations with other types of cybersecurity frameworks. The recent uptick in telehealth and telecommuting during the COVID-19 pandemic has added even more vulnerabilities to an already long list. Cybersecurity has become a core focus for healthcare leaders as more weaknesses are identified and exploited by bad actors.
How a Risk Register Helps Avoid Recreating The Wheel
Risk registers help healthcare organizations consolidate and manage risk, avoid duplication of work and support a long-term, transparent risk management strategy.
