Security specialist David Newell outlines common pitfalls healthcare organizations need to avoid when conducting a risk analysis - such as focusing on an insufficient, narrow HIPAA compliance assessment.
The new HIPAA Omnibus Resource Center from Information Security Media Group offers news, insights and analysis to assist covered entities as well as business associates with compliance.
Lack of training has been the cause of many HIPAA compliance problems. That's why the Department of Health and Human Services is taking several steps to ramp up education.
The privacy and security provisions of the HIPAA Omnibus Rule and the HITECH Act EHR incentive program "dovetail together quite nicely," says federal privacy officer Joy Pritts, who offers compliance tips.
The Department of Health and Human Services is preparing guidance designed to assist healthcare providers and business associates in complying with the HIPAA Omnibus Rule.
Business associates continue to play a starring role in many major health data breaches, the federal breach tally shows. But under HIPAA Omnibus, could even more business associates be implicated?
The Department of Health and Human Services is considering a HIPAA amendment that could make it easier for states to report identities of certain mental health patients to a federal background check database for gun purchases.
Farzad Mostashari, M.D., the national coordinator for health information technology, sees the exchange of health information as a way to improve care quality. But what's his vision for achieving truly secure data exchange?
When a health information exchange shuts down, what happens to the patient data that was stored and shared? The leader of a recently closed HIE in Wisconsin explains its approach.
Healthcare CIOs need to take a clear leadership role on privacy and security matters, including compliance with the HIPAA Omnibus Rule, says Russ Branzell, the new head of CHIME, a CIO association.
Business associates and subcontractors that handle protected health information must prepare for audits and enforcement actions under the HIPAA Omnibus Rule, says security expert Susan Lucci.
The advocacy group Patient Privacy Rights has co-developed a "trust framework" that IT vendors and their clients can use to help measure compliance with privacy principles. But will it prove practical?
Creating a new risk assessment framework for breach notification is among the steps the Cleveland Clinic is taking to comply with the HIPAA Omnibus Rule. Find out other components of the organization's compliance strategy.
In the aftermath of a massive health data breach last year and a smaller incident this year, the state of Utah is taking a number of steps, including creating a data security office within the health department.
What's the cost to an organization when it suffers a security breach and breaks trust with its own customers? Jeff Hudson, CEO of Venafi, presents results of a new survey on the cost of failed trust.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing omnibus.healthcareinfosecurity.com, you agree to our use of cookies.
