Kardon Blog

Security & Privacy News

Keeping you informed and enlightened.

Sue for HIPAA Negligence? No way. Way!

Takeaways: HIPAA keeps getting more important to the business for CEs and BAs but who is going to have to learn the hard way for your office to take note? The Connecticut case of Emily Byrne vs. Avery Center for Obstetrics and Gynecology involves a patient who sued a...

read more

They want what!?

Takeaways: No longer are small providers “too small” for OCR to conduct a breach investigation. In an article concerning a breach investigation a copy of the information requested in the OCR letter was included. The items were to be supplied within 20 days. When I...

read more

Business Associate Agreement – Yours, Mine, or Ours?

Takeaways: Updated BAA deadline is Sept 23, 2014 and 5 Tips for managing your BAAs. Who is really in control of the content of the Business Associate Agreements to be signed? It has been a frequent question now that BAAs are required everywhere.  Just who gets to...

read more

HIPAA One and Done has Gone the Way of the Dodo

Takeaway for today:  It is time to completely rethink the way you look at HIPAA Compliance requirements in your business.  HIPAA Compliance has changed.  It is no longer something you can just check off your list once or twice a year. A practice administrator told me...

read more

Russian Password Hack – Why Security Matters

Takeaways:  If you use the same user name and password for anything that has access to PHI and some other mundane website or service (even a small one) change it today.  In fact, make sure you change all your PHI passwords to something different.  If one is hacked,...

read more

The fines are coming! The fines are coming!

To borrow from Longfellow’s poem: Listen my children and you shall hear Of the midnight ride of Paul Revere, In this case, it isn’t a midnight ride but a late afternoon speech by Jerome B. Meites, a chief regional civil rights counsel at HHS, in Chicago.  Historians...

read more

No Better Time to Get Started

Privacy and security programs require persistent care and monitoring. There will never be a better time to get started.