Marcie Swenson
Share:
compliance, risk analysis, webinar, hipaa, hipaa compliance, HIPAA risk assessment, HIPAA security, ePHI, hipaa risk analysis, ePHI security, OCR, network security, privacy and security, Case Study, cyber security, Security Risk Assessment, MD Anderson
The University of Texas MD Anderson Cancer Center is gearing up to pay 4.3 million dollars in fines in civil penalties for HIPAA violations after the OCR accused MD Anderson of violating the HIPAA Privacy and Security Rules.
According to the OCR, MD Anderson failed to encrypt devices that handled ePHI and more than 33,500 individuals had their information exposed when a laptop and thumb drives were lost in 2012 and 2013.
If you work in healthcare, this is your worst nightmare.
So how do you protect your organization? You’re required to perform risk analysis as part of your security management process but it’s also the best line of defense against being found non-compliant. A risk analysis will tell you what to fix so your organization will stay compliant. It might sound complicated but fortunately there are tools to make it easy on you.
Tune into my upcoming webinar, MD Anderson: How Their Mistakes Could Improve Your Privacy and Security Program, to learn how to protect your organization from thousands or millions in fines.
In this webinar, you’ll learn the security risk requirements, ins-and-outs of recent cases and audits, reason MD Anderson was fined millions, and the many ways a risk assessment tool that can protect you.
Questions or Comments?