Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.
Joy Pritts, chief privacy officer at the Office of the National Coordinator for Health IT, offers insights on the best ways to prevent data breaches involving lost or stolen devices or records snooping.
Covered entities are finding it difficult to comply with a HIPAA Omnibus requirement to accommodate patients who pay cash and don't want their treatment information disclosed to insurers, says Jeff Cobb, CISO at Capella Healthcare.
Now that business associates are directly liable for HIPAA compliance, they need to ensure they perform a thorough risk analysis to identify gaps in their controls, says consultant Andrew Hicks.
An audit protocol from federal regulators is a useful tool for covered entities and business associates that are conducting a risk analysis and beefing up HIPAA compliance efforts, says security expert Bill Miaoulis.
The success of ongoing HIPAA Omnibus Rule compliance efforts depends, in large part, on the leadership of an organization setting appropriate expectations, says compliance expert Margie Satinsky.
Attorney Ellen Giblin describes who should be involved in determining whether a breach should be reported in compliance with the new breach notification requirements of the HIPAA Omnibus Rule. She also offers other compliance insights.
Although OCR has changed its standard for determining breaches under HIPAA Omnibus to a more objective assessment, it's still unclear whether the previous harm standard is truly a thing of the past.
What steps should a covered entity take if a vendor refuses to sign a business associate agreement as required under the HIPAA Omnibus Rule? Attorney Gerry Hinkley offers practical insights.
What are the top challenges and concerns when it comes to meeting the Sept. 23 deadline for complying with the HIPAA Omnibus Rule? Privacy and security attorney Kirk Nahra offers an analysis.
Healthcare organizations aren't performing enough analysis of user behavior to detect possible insider threats, says security consultant Mac McMillan, who outlines the importance of auditing for abnormalities.
Consumer advocate Deven McGraw, who advises federal regulators, describes her expectations for how authorities will initially enforce the many provisions of the new HIPAA Omnibus Rule.
Under the HIPAA Omnibus Rule, the process of obtaining patients' permission for use of their information in medical research projects has been updated, explains privacy attorney Adam Greene.
To prepare for HIPAA compliance audits once they resume, healthcare organizations need to conduct a thorough risk assessment, says Verne Rinker of the HHS Office for Civil Rights.
In complying with the HIPAA Omnibus Rule, covered entities need to demand that their business associates are protecting patient information stored on mobile devices, says consultant Bill Miaoulis.
How can smaller healthcare organizations determine whether a vendor is a business associate or subcontractor directly liable for compliance under the new HIPAA Omnibus Rule? Regulatory expert Marjorie Satinsky explains.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing omnibus.healthcareinfosecurity.com, you agree to our use of cookies.