Compliance Tips

Even prior to the COVID-19 pandemic, ransomware attacks were on the rise. “COVID has simply increased risk of attacks due to more locations with a remote workforce, [protected health information] through telehealth, more phishing attacks, more opportunities that hackers like to take advantage of.”

The news late last year around Project Nightingale aroused interest from both healthcare organizations and the public on how and when protected health information (PHI) should be shared. With new technologies, new entrants to the healthcare market, how can healthcare providers balance HIPAA, cybersecurity protections, and the need to easily share data to improve patient care?

Though telecommuting was on already on the rise at a rate of 2-3% per year, the COVID-19 pandemic required healthcare organizations to re-evaluate work from home policies and quickly enable a remote workforce. But, in the midst of a pandemic, when you have to act as quickly as possible, how do you also make sure your networks and operations are still protected?

For compliance-minded HIM professionals, the COVID-19 pandemic presented curve ball after curve ball thanks to the flood of waivers from the federal government temporarily loosening certain HIPAA and telehealth regulations.

With the exponential growth in vulnerabilities over the past decade, healthcare organizations look to supplement HIPAA regulations with other types of cybersecurity frameworks. The recent uptick in telehealth and telecommuting during the COVID-19 pandemic has added even more vulnerabilities to an already long list. Cybersecurity has become a core focus for healthcare leaders as more weaknesses are identified and exploited by bad actors.

Risk registers help healthcare organizations consolidate and manage risk, avoid duplication of work and support a long-term, transparent risk management strategy.

Looking to fill resource gaps on your IT team? Virtual CISO consulting services could be the answer – learn 4 reasons to consider hiring a vCISO

Are you looking to purchase vendor risk management software for your healthcare organization? Our fundamental guide outlines the features and functionality to look for when evaluating solutions, along with an expanded definition of what constitutes a “business associate” and the types of business data to be protected when working with third parties.

Learn how to prepare for your annual HIPAA compliance audit with 6 best practice tips from the team at ComplyAssistant.

Over the course of 2019, we covered a variety of security and compliance topics, including security risk audits, HIPAA compliance, employee compliance training, and executive leadership and IT governance.

Though these issues are still relevant going into a new decade, we predict a renewed – or even evolved – outlook on four specific areas of security and compliance strategy.