Under the HIPAA Omnibus Rule, security incidents are presumed to be reportable data breaches unless healthcare organizations demonstrate through a four-factor assessment that risks are low, explains privacy expert Kate Borten.
Under HIPAA Omnibus, business associates are now directly liable for HIPAA compliance. But covered entities need to take steps to ensure their BAs are, indeed, HIPAA compliant, says privacy attorney Stephen Wu.
Attorney Helen Oscislawski, a regulatory expert, explains why healthcare organizations must carefully scrutinize their marketing and fundraising policies to prepare for HIPAA compliance.
Healthcare data breaches will be treated much differently under the new HIPAA Omnibus Rule. Find out how in the latest "Experian® Answer Men" interview.
HIPAA-compliance consultant Bill Miaoulis outlines a number of critical steps that many healthcare organizations fail to take to ensure the security of data on mobile devices.
When it comes to HIPAA Omnibus Rule compliance, smaller physician practices must guard against complacency because they could be held accountable, warns compliance expert Marjorie Satinsky.
The new Aurora Research Institute is taking multiple steps to protect the privacy of patients who participate in medical research, clinical trials and personalized medicine endeavors, says institute leader Randall Lambrecht.
CIOs need to go beyond a short-term focus on securing individual systems and take a broader, long-term view on privacy and security issues, says Harry Greenspun, M.D., of the Deloitte Center for Health Solutions.
Healthcare organizations should use a four-step process to determine how best to apply encryption to minimize security risks, says security expert Feisal Nanji.
Too many healthcare organizations conduct a HIPAA compliance assessment instead of a comprehensive risk analysis, says security specialist Dave Newell, who also points out other common mistakes.
Preparing for compliance with the privacy and security provisions of the HIPAA Omnibus Rule and the HITECH Act electronic health record incentive program go hand-in-hand, says federal privacy officer Joy Pritts.
Although the HIPAA Omnibus Rule is a step in the right direction for protecting health information, the regulation still leaves large privacy gaps, says patient advocate Deborah Peel, M.D.
What are the responsibilities of business associates under the HIPAA Omnibus Rule? And how should covered entities work with BAs on compliance? Security expert Mac McMillan explains.
The resumption of the HIPAA compliance audit program is on hold while regulators analyze pilot audit project results and implement the HIPAA Omnibus Rule, says Susan McAndrew of the HHS Office for Civil Rights.
The Cleveland Clinic is in continuous risk assessment mode, always on the lookout for emerging threats and vulnerabilities, says Mark Dill, director of information security. Learn about his top priorities.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing omnibus.healthcareinfosecurity.com, you agree to our use of cookies.