Blog Archives

Aristotle, Galileo and Newton’s Laws Apply to the Omnibus Final Rule Deadline

Aristotle first started to theorize about the laws of physics including the law of inertia.  Galileo restated Aristotle a bit and added his own twists to the concepts.  When we finally got Newton’s two cents added we got to this scientific statement:  A body will keep its speed and direction so long as no force […]

Please, Just Do My HIPAA For Me!

So many people are struggling to get caught up on their compliance obligations because they just don’t have the time or resources to deal with it.  We hear this so often I felt it was time to write an article on how we respond to the request.  There are several points we discuss with the […]

Wellpoint Resolution Provides More Valuable Lessons

I have written before about learning from others' mistakes. I know many folks in the small CE and BA world brush off the news of the $1,700,000 Wellpoint Settlement as something that happens only to the big guys. There is so much to learn here, I hope you will take a minute to see why […]

My Technology Company Says They Aren’t a BA. What do I do?

We have had a rash of these types of questions lately.  Personally, I don’t understand why so many technology companies are fighting this concept.  It is really, really hard for anyone to meet the Security Rule requirements without an IT Department or IT Support Company.  In fact, many IT companies are coming to us to help […]

Do Your BA Due Diligence

Long gone are the days that you pull down a template Business Associate Agreement and everyone just signs it.  BAs may not understand the extent of their obligations under HIPAA.  You need to confirm your agreements plus check what they are really doing to comply. I really don’t recommend blindly using a template agreement to […]

Seriously, HIPAA Enforcement Really is Changing

HIPAA was a big scary thing in 2003 and it turned out to be nothing but a waste of my time and money.  Don’t try to scare me with that again. I hear it often enough to feel pretty sure it is a belief many hold and only some voice.  Whether people say it outwardly […]

How long will it take to get HIPAA compliant?

I get asked this question almost every day.  So, I decided to devise a scoring system to help you estimate how long it will take to get compliant.  Answer these questions and tally up your score.  Keep in mind you can never consider yourself 100% compliant.  The only thing you shoot for is to be […]

HIPAA Documentation AKA Telling Your Compliance Story

The way you tell any story is with pictures and words.  Documentation is a required element of HIPAA regulations that allows you to tell your compliance story.  I mentioned how important documentation is in the Plan of Attack for HIPAA 2.0 article.  What should your documentation include and how do you manage it? The Security […]

Why should you worry about patient’s privacy?

In a recent conversation at an MGMA conference an administrator said he hadn’t decided about HIPAA yet.  “He might just risk it.” While I wasn’t seriously shocked by the comment, I felt serious concern for their patients. Sure, everyone has to decide what they are going to do concerning their obligation to comply.  There […]

How do you create a culture of HIPAA compliance?

Almost every industry has guidelines that must be followed which makes the phrase “culture of compliance” a pretty common one.  HIPAA is best managed when it is built into a culture of compliance just like the others.  What does that mean and how do you create it in your business? A culture of compliance is […]
