The transition to a new presidential administration makes forecasting for HIPAA enforcement activity in 2017 difficult, says privacy attorney David Holtzman of the consultancy Cynergistek, who sizes up what the HHS Office for Civil Rights might do this year.
Breaches can happen even when there are strong protections in place. But healthcare organizations can do more to prepare for breaches and respond in the best possible way to protect patient information.
The rapid rise in cyber-attacks on healthcare organizations necessitates the use of a cyber-centric risk management framework. Recent incidents, including the hacking attack on Community Health Systems, show healthcare is an easy target.
A former senior adviser at the HHS Office for Civil Rights offers his predictions about OCR's HIPAA enforcement and regulatory activities for the year ahead in the wake of the office's leadership changes.
In the struggle to comply with changing regulatory requirements amidst an evolving technological environment, addressing information security can be overwhelming for many healthcare providers. An expert offers tips for sustainable risk management.
One key way to reduce the risk of a breach is continuous improvement of information security programs. It's dangerous to put security controls in place and then walk away, thinking you're finished, warns security expert Kate Borten.
In an age of "innovation" where we are told to "reframe" every problem and not just to "think outside of the box" but "think like there is no box," it is good to know where you are and what is done or what isn't done.
The HIPAA Omnibus Rule includes three new considerations for determining potential civil monetary penalties following a breach investigation. What are the implications for breach prevention strategies?