Healthicity Blog

Let’s face it, most passwords are not secure and that’s a huge problem when it comes to HIPAA. The HIPAA Security rules require covered entities and business associates to provide a “unique identifier” of all users in its information systems.

HIPAA is:

• A Law that governs a person’s ability to qualify immediately for health coverage when they change employment (dependent on employer’s program)

In late August, the Office for Civil Rights of the Department of Health and Human Services announced via its listserv service that it was ramping up its enforcement efforts for smaller breaches of less than 500 records.

The University of Massachusetts Amherst (UMass) is the latest healthcare organization to agree to a settlement and resolution agreement related to potential violations of the HIPAA Privacy and Security regulations. UMass has agreed to pay a fine of $650,000 and to abide by a two-year corrective...

One of the very first HIPAA Security regulations is, “Assigned Security Responsibility” 164.308(a)(2). This regulation requires every Business Associate and every covered entity to have a designated HIPAA Security Officer.

In the last several years, I’ve conducted hundreds of HIPAA Security Risk Analyses and observed the types of challenges that organizations face to help keep patient information safe and secure.

I’ll admit, I’m a little biased when clients ask if they should outsource their risk analysis. Afterall, I'm a HIPAA consultant and expert with a practice that focuses on risk assessment and penetration testing. I make my living conducting risk analysis.

There are many requirements for attesting to Meaningful Use in 2016. For most providers, they will be following Meaningful Use Modified Stage 2 requirements which includes 9 criteria for eligible hospitals and 10 requirements for eligible providers.