This latest HIPAA breach settlement serves as a costly reminder that healthcare organizations must ensure they properly remove or destroy protected health information from all gear prior to disposal.
What steps should a covered entity take if a vendor refuses to sign a business associate agreement as required under the HIPAA Omnibus Rule? Attorney Gerry Hinkley offers practical insights.
After months of delay, a hearing has been scheduled to discuss a controversial accounting of disclosures proposal that calls for giving patients the right to a full report outlining who has accessed their records.
Two recent incidents at Oregon Health & Science University involved inappropriate storage of unencrypted patient information in the cloud. Experts weigh in on the fogginess of HIPAA Omnibus regarding cloud providers.
The Sept. 23 enforcement deadline for the HIPAA Omnibus Rule is less than two months away. Privacy and security experts offer tips for what needs to get done now in order to meet compliance milestones.
What are the top challenges and concerns when it comes to meeting the Sept. 23 deadline for complying with the HIPAA Omnibus Rule? Privacy and security attorney Kirk Nahra offers an analysis.
Under HIPAA Omnibus, many cloud computing providers are considered business associates directly liable for HIPAA compliance. What safeguards to protect health data should covered entities expect cloud providers to implement?
Under the new HIPAA Omnibus Rule, business associates and their subcontractors are now directly liable for HIPAA compliance. But what kinds of companies meet the definition of a business associate? Privacy attorney Stephen Wu explains.
Healthcare organizations aren't performing enough analysis of user behavior to detect possible insider threats, says security consultant Mac McMillan, who outlines the importance of auditing for abnormalities.
Insurer WellPoint has agreed to pay the Department of Health and Human Services $1.7 million to settle a HIPAA case stemming from a website data breach that may have exposed information on more than 612,000 individuals.
Consumer advocate Deven McGraw, who advises federal regulators, describes her expectations for how authorities will initially enforce the many provisions of the new HIPAA Omnibus Rule.
With data breaches becoming nearly inevitable, many organizations are looking now for new ways to reduce the costs associated with them. Here are five practical tips for how to contain breach costs.
The agency that administers Indiana's Medicaid program is notifying almost 188,000 clients of a possible breach of their data tied to an apparent programming error by a business associate.
Under the HIPAA Omnibus Rule, the process of obtaining patients' permission for use of their information in medical research projects has been updated, explains privacy attorney Adam Greene.
To prepare for HIPAA compliance audits once they resume, healthcare organizations need to conduct a thorough risk assessment, says Verne Rinker of the HHS Office for Civil Rights.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing omnibus.healthcareinfosecurity.com, you agree to our use of cookies.