The federal HIPAA compliance audit program won't resume until this fall at the soonest, says Susan McAndrew of the HHS Office for Civil Rights. She describes specific steps that organizations can take to prepare.
As hospitals and clinics plow ahead with their HIPAA Omnibus Rule compliance efforts, they should also remind patients to be careful when communicating their own health information. A clinical psychologist offers practical insights.
Complying with the HIPAA Omnibus Rule requires a task force approach, says John Pritchard, information security manager at St. Charles Health System. Find out why Pritchard believes the rule eliminates ambiguities.
The new Aurora Research Institute is taking multiple steps to protect the privacy of patients who participate in medical research, clinical trials and personalized medicine endeavors, says institute leader Randall Lambrecht.
As organizations get ready to comply with the HIPAA Omnibus Rule, they also must scrutinize longstanding HIPAA compliance challenges. Experts highlight the key areas of concern.
Health data breaches involving the loss or theft of unencrypted computing devices are a persistent problem, according to the most recent federal statistics. A security expert offers insights and advice.
The HIPAA Omnibus Rule provides new, more objective guidelines for how to assess whether breach notification is required. Regulatory experts provide six tips for how to prepare to comply.
With the HIPAA Omnibus Rule taking effect on March 26, the clock is running for covered entities and business associates to meet the Sept. 23 compliance date. Experts offer four tips for staying on track.
Attorney Marcy Wilder explains why the HIPAA Omnibus Rule means many healthcare organizations will need to change their approach to determining if an incident is a breach that must be reported.
Healthcare organizations signing new deals with vendors, including many cloud services providers, must make sure that their business associate agreements reflect the new HIPAA Omnibus Rule's requirements.
The Department of Health and Human Services conducts three types of audits or investigations involving privacy and security issues. But preparing for any of these inquiries requires similar steps, experts say.
How are business associates affected by the HIPAA Omnibus Rule? Susan McAndrew of the HHS Office for Civil Rights outlines the relevant provisions and offers compliance advice to covered entities and their partners.
CIOs need to go beyond a short-term focus on securing individual systems and take a broader, long-term view on privacy and security issues, says Harry Greenspun, M.D., of the Deloitte Center for Health Solutions.
Healthcare organizations should use a four-step process to determine how best to apply encryption to minimize security risks, says security expert Feisal Nanji.
Too many healthcare organizations conduct a HIPAA compliance assessment instead of a comprehensive risk analysis, says security specialist Dave Newell, who also points out other common mistakes.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing omnibus.healthcareinfosecurity.com, you agree to our use of cookies.