The Department of Health and Human Services conducts three types of audits or investigations involving privacy and security issues. But preparing for any of these inquiries requires similar steps, experts say.
The resumption of the HIPAA compliance audit program is on hold while regulators analyze pilot audit project results and implement the HIPAA Omnibus Rule, says Susan McAndrew of the HHS Office for Civil Rights.
The Cleveland Clinic is in continuous risk assessment mode, always on the lookout for emerging threats and vulnerabilities, says Mark Dill, director of information security. Learn about his top priorities.
Privacy and security leaders, including John Houston at University of Pittsburgh Medical Center, are evaluating the changes needed to comply with the HIPAA omnibus final rule. Find out what's on their to-do lists.
The new omnibus rule makes it clear that business associates must comply with HIPAA. And the latest additions to the federal health data breach tally put a spotlight on why some BAs need to improve patient data protection.
With HIPAA compliance audits slated to resume within about a year, what steps can healthcare organizations take to begin to prepare? OCR's Leon Rodriguez offers strategies based on initial audit findings and breach investigations.
Healthcare organizations, faced with limited budgets for improving their security posture, can look to risk assessments as a means of guiding allocation of resources to reduce business risk.
Read this report from Intel and Information Security Media Group for expert insights on:
Why many healthcare entities do...