Are your BAs hiring Gilligan, Gomer, or Barney?

It is becoming increasingly apparent that Business Associates should be taking their responsibility more seriously than they have in the past. Although the past could be in previous years or, for some, just yesterday. The recent settlement of the class-action lawsuit against Stanford Hospital & Clinic over a PHI breach should provide the impetus to […]


Add More To Your HIPAA Heartbleed Review List

Just as I mentioned in my earlier post on Heartbleed, there would be more to come.  Just hours after finishing that article I was reading the latest articles on the status of the situation.  This thing seems to get worse every day to many people.  I am not as shocked by the number of devices […]


Heartbleed HIPAA Documentation

If you haven’t considered your HIPAA requirements for Heartbleed yet, you should probably get started sooner rather than later. If you don’t run a site that needed a patch, you almost certainly use one or more on a regular basis. This is a perfect time to create nice clean issue resolution documentation to show that […]


5 Tips to Just Get Your Risk Analysis Done

Doing a Security Risk Analysis is high on many lists right now.  Not only is it the number one thing OCR has defined as not being done properly, but it is also a required element for Meaningful Use attestation.  We have been getting a lot of traffic to our Risk Analysis Content page most likely […]


Breach Is Gonna Get You!

Gamblers spend years and fortunes trying to “beat the odds” often to no avail.  They know they are taking a major risk but they are looking for the big payoff.   If you are a numbers person, you boil things down to statistics or dollars and cents.  Those numbers help you make decisions based on […]


Does XP swan song affect your HIPAA compliance?

We started working with our clients on replacing XP machines in their technology plans in 2013. No one is surprised when we come calling for the last few they have installed in 2014.  They have been hearing we were removing them for a long time.  But, not everyone has had that much warning it seems. […]


Who is Phishing for your PHI?

An email arrives in your inbox tomorrow from someone working at one of the large insurance companies.  It tells you that someone has attempted to make changes to your information on their systems.  It is very specific because it uses your name and says they feel certain it was due to an attempted hack on […]


HHS Resolution Theme Song Nomination: I’m Henry the Eighth, I Am

The resolution agreement with Adult & Pediatric Dermatology seems like the problems have mostly been heard before. It isn’t new; they all seem to have a similar verse. Therefore, I nominate the Herman’s Hermits tune I’m Henry the VIII, I Am as the official theme song to be played when the next one is announced. Actually, […]


3 Reasons Businesses Covered by HIPAA Should Watch the Target Breach Carefully.

Things have been seriously chaotic around me for the last couple of months and my writing has taken a back seat.  For the first time in weeks I have a chance to sit down and write.  It feels great because there is so much going on that I have wanted to review.  Now, I must […]


HIPAA Penetration Testing?

Being an IT company that specializes in HIPAA compliance, we get a lot of interesting inquiries that leave us scratching our heads. HIPAA penetration testing is one of the areas. We get an inquiry to perform penetration testing for a new customer. Almost always the request is coming from a CE or BA that hasn’t […]
