Compliance Tips

June 3, 2014   |   Gerry Blass

HIPAA Breaches – Have You Conducted Your PHI Vulnerability Assessment?

(Journal of Healthcare Information Management – (JHIM) – Winter 2014 – Used by permission from HIMSS). By now we all know that “ePHI” refers to electronic protected health information. Unfortunately, based on the number of breach notifications we read about, it seems that PHI has been anything but protected. The authors continue to receive e-mails that report breaches on a regular basis. There are even questions being raised about the privacy and security controls or lack thereof on the federal health insurance exchange website. It is difficult to imagine that the federal government’s website for healthcare insurance exchange is not in compliance with the federal government’s HIPAA OMNIBUS Rule.

Keep reading...
April 28, 2012   |   Gerry Blass

It Is Time to Prepare for an OCR Audit

How to Prepare for a HIPAA – HITECH Audit (Journal of Healthcare Information Management – (JHIM) – Spring 2012 – Used by permission from HIMSS). Covered entities (CEs) and business associates (BAs) can now clearly see the “HIPAA police” up ahead on the “side of the road”.

Keep reading...
October 15, 2011   |   Gerry Blass

Meaningful Use Stage 1 – Information Security Risk Analysis Scope

(Journal of Healthcare Information Management – (JHIM) – Fall 2011 – Used by permission from HIMSS) A question that we have been asked by a number of our clients over the past six (6) months is: “What do we really need to do for Meaningful Use (MU) Stage 1 in regards to information security risk analysis?”

Keep reading...