Complicating healthcare compliance efforts is the growing trend of migrating patient data to cloud storage and hosted applications such as Health Information Exchange systems. The cloud lowers costs and improves efficiency, but widens the attack surface for data breaches.
To counter this challenge, download this...
Does your organization really have a clear idea of what measures your business associates are taking to safeguard your most sensitive data? Yet another breach, this one affecting Arkansas Blue Cross Blue Shield, points to the risks.
Recent breaches and regulatory audits have sharpened the focus on third-party risks. How are healthcare entities tackling this critical topic of business associate management? Attorney David Szabo shares insights.
When it comes to health data breaches, business associates are again grabbing headlines, calling attention to the importance of scrutinizing vendors. The latest incident involves a breach that wasn't reported to a covered entity for eight months.
Many covered entities aren't taking the steps needed to reduce the risks involved when business associates access protected health information, says attorney David Holtzman, who analyzes results of the Healthcare Information Security Today survey.
A recent incident involving disposed in a vendor's dumpster is an example of why healthcare organizations say business associates taking inadequate security steps ranks as their No. 1 perceived breach threat today.
A former senior adviser at the HHS Office for Civil Rights offers his predictions about OCR's HIPAA enforcement and regulatory activities for the year ahead in the wake of the office's leadership changes.
A dispute involving an EHR vendor that allegedly locked out a small clinic's access to patient data illustrates why healthcare organizations need to carefully scrutinize the HIPAA-related fine print in their business associate contracts.
One year after HIPAA Omnibus Rule enforcement began, why do so many healthcare entities and business associates continue to struggle with even the most basic requirements? Security expert Andrew Hicks offers insights.
Once the now-delayed HIPAA compliance audits resume, federal regulators will be conducting more on-site audits and fewer remote desk audits of covered entities and business associates than originally planned.