Kardon Blog
Security & Privacy News
Keeping you informed and enlightened.
We can do this. It’s easy.
An iconic symbol of on-the-job hilarity is the I Love Lucy episode in the candy factory. The vision of Ethel and Lucy shoving candy in their mouths, tops, and hats as the conveyor belt moves past can’t help but make you laugh. Vivian Vance and Lucille Ball ham it up...
Cha-cha-cha
Someone once said that an optimist is a person who knows if they take one step forward and one step back not to be discouraged, they are just doing the Cha-cha-cha. I have been trying to take that advice and cha-cha-cha my way through recovery. As I do so, I realize...
Frankenhand!
Just after the first of the year, I had surgery on my right hand. I have spent the weeks since then adapting to not having full use of that hand for several months as it heals. That is definitely a challenge for someone who is fiercely right-handed. Most of my friends...
Malware monster wins again!
Takeaways: The latest OCR resolution makes specific points on what OCR considers reasonable and appropriate technical safeguards of the Security Rule. If you aren’t up to date with all of your software, it does matter very much once malware finds you. There are...
And the hits just keep on coming!
Takeaways: Yet another notice that HIPAA enforcement and liability is not something to keep putting off until later. The web of liability means it is no longer just yourself you have to worry about being caught up in audits or breaches. And the hits just keep on...
Sue for HIPAA Negligence? No way. Way!
Takeaways: HIPAA keeps getting more important to the business for CEs and BAs but who is going to have to learn the hard way for your office to take note? The Connecticut case of Emily Byrne vs. Avery Center for Obstetrics and Gynecology involves a patient who sued a...
They want what!?
Takeaways: No longer are small providers “too small” for OCR to conduct a breach investigation. In an article concerning a breach investigation a copy of the information requested in the OCR letter was included. The items were to be supplied within 20 days. When I...
BAA – Business Associate Agreement – Yours, Mine, or Ours?
Takeaways: Updated BAA deadline is Sept 23, 2014 and 5 Tips for managing your BAAs. Who is really in control of the content of the Business Associate Agreements to be signed? It has been a frequent question now that BAAs are required everywhere. Just who gets to...
HIPAA One and Done has Gone the Way of the Dodo
Takeaway for today: It is time to completely rethink the way you look at HIPAA Compliance requirements in your business. HIPAA Compliance has changed. It is no longer something you can just check off your list once or twice a year. A practice administrator told me...
Russian Password Hack – Why Security Matters
Takeaways: If you use the same user name and password for anything that has access to PHI and some other mundane website or service (even a small one) change it today. In fact, make sure you change all your PHI passwords to something different. If one is hacked,...
The fines are coming! The fines are coming!
To borrow from Longfellow’s poem: Listen my children and you shall hear Of the midnight ride of Paul Revere, In this case, it isn’t a midnight ride but a late afternoon speech by Jerome B. Meites, a chief regional civil rights counsel at HHS, in Chicago. Historians...
800,000 Reasons You Need Workforce Training
The recent HHS settlement in the case of 71 cardboard boxes of medical records being left on a physicians driveway is your 800,000 reasons, and they are all in cold, hard cash. Here is the key detail about what happened direct from the resolution agreement: On June...
No Better Time to Get Started
Privacy and security programs require persistent care and monitoring. There will never be a better time to get started.