In the aftermath of the COVID-19 pandemic, it’s more important than ever for healthcare providers to maintain industry standards for patient care within their respective enterprises. State departments of health (DOHs) are taking a closer look at emergency preparedness plans with a more intentional focus on pandemic response through the implementation of spot or “surprise” audits.
As cybersecurity threats continue to wreak havoc on companies of all sizes, the importance of education and training for leaders is critical. In partnership with HFMA New Jersey, our team hosted a free, comprehensive webinar with health information technology (HIT) leaders from three of the top healthcare organizations located in New York and New Jersey. The discussion focused on internal and external cybersecurity risks and identified new risks directly resulting from the COVID-19 pandemic.
In today’s world, it’s easier than ever for hackers to take advantage of organizations online. Recent examples of this have come in the wake of the Colonial Pipeline attack and the Scripps Health EHR breach. The repercussions of both attacks—which include gasoline shortages up and down the east coast and disruption of EHR, website, and patient portal—are continuing to be felt long after the bad actors do their dirty work. So, what can organizations do to protect themselves?
In the 70s and 80s, healthcare organizations started to migrate their patient management information from hard copy to electronic, either on shared mainframes such as SMS and McAuto or on microprocessors. The user workstations had no intelligence and were known as “dumb terminals.” There were limited locations of electronic identifiable health information. There was no motivation to sell identifiable health information.
President and CEO Gerry Blass sat down with Journal of AHIMA senior editor Mary Butler on a recent episode of the Hi Pitch Podcast to talk about the 21st Century Cures Act Information Blocking Final Rule and the eight information blocking exceptions. Blass was joined by attorney Helen Oscislawski, who spoke to the challenges her clients have faced as they prepare to comply with the rule, which goes into effect on April 5th.
In this episode of Digital Checkup, Bill Siwicki asked Gerry Blass about the new Health Industry Cybersecurity Practices (HICP) Final Rule.
A February 1 article published in Briefings on HIPAA focuses on recent findings from the Office for Civil Rights’ much-anticipated 2016-2017 HIPAA Audits Industry Report released in December 2020. The article shines light on some of the flaws and challenges in the way patient access to information has been handled over the years.
Not only did the COVID-19 global pandemic change the way care is provided, it changed how security and compliance programs needed to be structured, especially with regard to disaster preparedness and business continuity. Though healthcare organizations typically have disaster recovery and business continuity (DR/BC) plans in place, it can often be difficult to operationalize those plans when a disaster arises.
If you’re considering HITRUST compliance as a cybersecurity framework, here is a list of the top 8 points you should consider before moving ahead.
We know. It can be difficult to find accurate and consistent information on HIPAA and the temporary changes due to COVID-19. To that end, we’ve put together a timeline and brief descriptions of the notifications and guidance issued by the OCR during the COVID-19 public health emergency.