Healthcare Compliance Updates & Tips

Checkout the latest regulatory compliance updates and tips from ComplyAssistant.
On top of our updates and tips we often publish free tools and webinars to help the compliance community.

January 8, 2015   |   Gerry Blass

Innovation in HealthCare – The Impact on Information Privacy and Security

It is hard to believe that the HIPAA Security Rule was written when most medical records were only in hardcopy format. Today, HIPAA CEs and BAs must make sure they understand their current vulnerabilities that could impact how they protect PHI. We read about PHI breaches on a regular basis, and some have been huge. This kind of news has certainly caught the attention of healthcare leaders. The key is to continually have a program in place to assess changes that result from innovation and try to stay one step ahead of related potential vulnerabilities.

Keep reading...
September 15, 2014   |   Gerry Blass

Audits and Evidence of Compliance- Will Your Organization Be Audited?

Could your organization be selected for an audit? The answer is obviously yes. So how do you prepare? We recommend that your organization conduct a document review and organize all your HIPAA privacy, security, and breach notification policies, procedures, plans and evidence of due diligence in one place for easy access to provide to OCR. Remember that OCR only provides a two-week notice. If your organizations documentation is not organized, two weeks may not be enough time to get ready for the audit.

Keep reading...
June 3, 2014   |   Gerry Blass

HIPAA Breaches – Have You Conducted Your PHI Vulnerability Assessment?

(Journal of Healthcare Information Management – (JHIM) – Winter 2014 – Used by permission from HIMSS). By now we all know that “ePHI” refers to electronic protected health information. Unfortunately, based on the number of breach notifications we read about, it seems that PHI has been anything but protected. The authors continue to receive e-mails that report breaches on a regular basis. There are even questions being raised about the privacy and security controls or lack thereof on the federal health insurance exchange website. It is difficult to imagine that the federal government’s website for healthcare insurance exchange is not in compliance with the federal government’s HIPAA OMNIBUS Rule.

Keep reading...
October 1, 2013   |   Gerry Blass

Webinar with Leading Industry Experts on Best Practices for Omnibus Rule Compliance and Vendor Management

The Omnibus Rule outlines significant changes to the relationships between covered entities and business associates, leading to a variety of compliance and vendor management challenges. This webinar provides attendees with an understanding of what has changed for business associates with the Omnibus Rule, and discusses how it changes the relationship between provider and vendor.

Keep reading...
August 23, 2013   |   Gerry Blass

All Aboard the Omnibus – A Look at HIPAA’s First Update in 10 Years

On January 25, 2013, the Office for Civil Rights (OCR) published their long awaited updates to the HIPAA Privacy and Security Rules. The formal name of the rules is “Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the Health Information Technology for Economic and Clinical Health Act and the Genetic Information Nondiscrimination Act; Other Modifications to the HIPAA Rules; Final Rule,” known to those that must implement its provisions and deal with its enforcement as the Omnibus Rule.

Keep reading...
May 13, 2013   |   Gerry Blass

OCR HIPAA Audits – We Now Know the Protocols

We should all know by now that the Office for Civil Rights (OCR) has been mandated to audit all HIPAA Covered Entities (CEs) and Business Associates (BAs), and we now know the main ingredients of the audits, the protocols, which are subject to change over time based on audit results. All CEs and BAs should begin a process now to prepare for an OCR audit based on the most current protocols. Why? Because once the OCR notifies you that your organization will be audited, you only have a couple of weeks to prepare.

Keep reading...
November 8, 2012   |   Gerry Blass

The HITECH Omnibus final rule -“Fall” for IT

The HITECH Omnibus final rule -“Fall” for IT (Journal of Healthcare Information Management – (JHIM) –Fall 2012 – Used by permission from HIMSS). See you in September – That was a great song, first done by the Tempos in 1959 and then by the Happenings in 1966. So let’s use it as the theme for the current estimated timing for the publication of the HITECH Omnibus final rule. Of course, it could also be “Home for the Holidays”.

Keep reading...
August 19, 2012   |   Gerry Blass

Mobile Devices Are Here to Stay, But Challenges Remain

Mobile Devices Are Here to Stay, But Challenges Remain (Journal of Healthcare Information Management – (JHIM) – Summer 2012 – Used by permission from HIMSS). “The use of portable devices, especially the iPhone and iPad are turning physicians into iDocs. These consumer tools are moving into the healthcare environment at a break neck speed! We have seen increased usability. That is good. But, we also have seen increased security risks. That is bad”.

Keep reading...
April 28, 2012   |   Gerry Blass

It Is Time to Prepare for an OCR Audit

How to Prepare for a HIPAA – HITECH Audit (Journal of Healthcare Information Management – (JHIM) – Spring 2012 – Used by permission from HIMSS). Covered entities (CEs) and business associates (BAs) can now clearly see the “HIPAA police” up ahead on the “side of the road”.

Keep reading...