Almost every industry has guidelines that must be followed which makes the phrase “culture of compliance” a pretty common one. HIPAA is best managed when it is built into a culture of compliance just like the others. What does that mean and how do you create it in...
One of the first processes we go through for HIPAA Compliance is to identify all Business Associates (BAs). That has to be done for CEs and BAs alike. The Final Rule has changed the status and viewpoints for many CEs and BAs. We have addressed a lot of questions on...
A major shift under the 2013 Final Rule involves how a CE or BA determines how serious a breach is and what notifications are required based on that determination. Of course, it helps to have some idea of what a HIPAA Breach is before you can think about the...
A famous Jimi Hendrix quote goes: I’ve been imitated so well I’ve heard people copy my mistakes. Aspiring guitarists work hard to imitate Hendrix to this day. His music is well documented and played daily around the world. If you want to make a name for yourself...
The OCR is reviewing the results of the 2012 pilot audits. They have published the Audit Program Protocol so you know what to expect when they come for you. In Director Rodriguez’s interview with HealthcareInfoSecurity, he made some important points to note...
