HIPAA Audits: Coming Soon to an Office Near You

The OCR is reviewing the results of the 2012 pilot audits.  They have published the Audit Program Protocol so you know what to expect when they come for you. In Director Rodriguez’s interview with HealthcareInfoSecurity, he made some important points to note...

HIPAA Security Rule Step #1: Perform a Risk Analysis

In a recent discussion with a practice administrator, I discovered a pretty important misconception about what should really be included in a proper HIPAA Risk Analysis.  Not that the administrator was doing anything wrong but the understanding of what is a Risk...

Plan of Attack for HIPAA 2.0

Where do you get started with all these changes? It is important to understand that HIPAA 2.0 compliance means more than just having an annual training session and a book of policies on the shelf.  HIPAA 2.0 means regular training in all areas of your business and...

Omnibus Final Rule Quick Overview

There is a lot of information to cover in the details of the Final Rule. This article only contains a list of bullet points.  All changes in the 2013 Omnibus Rule are not guaranteed to be included in this list. Each entity should make sure they review all aspects of...