Although it's been about 18 months since the HIPAA Omnibus Rule went into effect, many healthcare organizations are still struggling to comply with certain provisions, says security expert Tom Walsh.
To ensure their business associates have conducted a thorough risk assessment and other HIPAA compliance tasks, covered entities must have a solid vendor management program in place, says security expert Mac McMillan.
Highlights at the recent HIMSS Conference included revelations about plans for resuming HIPAA compliance audits and groundbreaking discussions about medical device security issues.
The next round of HIPAA compliance audits by federal regulators are likely to focus on three key areas, says compliance expert David Holtzman, who until recently worked at the agency that enforces HIPAA.
When it comes to building a breach response team, too many healthcare organizations use a "volunteer firefighter model," taking inadequate steps to prepare for incidents, says security expert Brian Evans.
Getting the healthcare sector prepared for new and emerging cybersecurity threats is a new focus this year for the Office of the National Coordinator for Health IT, says its chief privacy officer, Joy Pritts.
The Department of Health and Human Services is taking the first steps toward resuming the HIPAA compliance audit program this year, examining business associates as well as covered entities. Find out what's planned.
The HIMSS 2014 Conference, to be held Feb. 23 to 27 in Orlando, will feature an impressive lineup of privacy and security educational content, plus updates from federal regulators. Check out the highlights.
Farzad Mostashari, M.D., the national coordinator for health information technology, sees the exchange of health information as a way to improve care quality. But what's his vision for achieving truly secure data exchange?
The Department of Health and Human Services conducts three types of audits or investigations involving privacy and security issues. But preparing for any of these inquiries requires similar steps, experts say.
Too many healthcare organizations conduct a HIPAA compliance assessment instead of a comprehensive risk analysis, says security specialist Dave Newell, who also points out other common mistakes.
The HIPAA Omnibus Rule could play an important role in improving the security of medical devices that store patient data, says an official with the agency that enforces HIPAA. Find out what part the rule could play.
Although the HIPAA Omnibus Rule is a step in the right direction for protecting health information, the regulation still leaves large privacy gaps, says patient advocate Deborah Peel, M.D.
Preparing for compliance with the privacy and security provisions of the HIPAA Omnibus Rule and the HITECH Act electronic health record incentive program go hand-in-hand, says federal privacy officer Joy Pritts.
What are the responsibilities of business associates under the HIPAA Omnibus Rule? And how should covered entities work with BAs on compliance? Security expert Mac McMillan explains.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing omnibus.healthcareinfosecurity.com, you agree to our use of cookies.