AboutHIPAA.com is run by Bob Chaput, CISSP, CIPP-US, one of the nation’s leading experts in HIPAA-HITECH regulatory compliance. More →
This post is motivated by three phone conversations in one day with likely Business Associates (BAs), trying to sort out if they really are a HIPAA Business Associate. Millions of companies are now statutorily obligated to comply with HIPAA-HITECH regulations, because of their BA status. They’d prefer to meet the “conduit exception” requirements and not… Read More »
I don’t know if you had a chance to listen to Kathleen Sebelius announce on a brief video, the HHS 2014 budget a few days ago, or read the “Highlights of the 2014 HHS Budget”. The video announcement did not cite the reason for the $1MM, or 2.4% increase in OCR’s budget over 2013. You might… Read More »
OCR has published audit protocols as part of the program to conduct the HITECH-mandated audits of Covered Entities and Business Associates. Learn the specific audit procedures around meeting the explicit requirement to conduct an Evaluation at 45 CFR §164.308(a)(8). If you create, receive, maintain or transmit ePHI, you should view this webinar.
CMS announced in January, after a critical OIG audit report, that Eligible Providers, Eligible Hospitals and Critical Access Hospitals who have purchased and implemented an electronic health record (EHR) system and attested to meaningful use of that EHR may be subjected to an audit before they see an incentive payment. Here’s today’s big TIP – Learn the exact requirement… Read More »
Compliance assessment?Security Evaluation? Risk Assessment? Risk Analysis? Compliance Analysis? Huh? Just what does the HIPAA Security Final Rule and/or The HITECH Act and/or Meaningful Use Final Rule require? We end the confusion in this webinar…
With increasing penalties, greater enforcement and a growing set of sources of business risks and sources of liabilities, healthcare organizations and companies that support healthcare organizations must gain a solid understanding of the HIPAA Privacy and Security and HITECH Breach Notification Rules. While it is fairly well known that these rules provide for the privacy… Read More »
Compliance assessment?Security Evaluation? Risk Assessment? Risk Analysis? Compliance Analysis? Huh? Just what does the HIPAA Security Final Rule and/or The HITECH Act and/or Meaningful Use Final Rule require? We end the confusion in this webinar…
Covered Entities, Business Associates and their agents who create, received, maintain and transmit ePHI for a “chain of custody” or “chain of trust” when it comes to HIPAA HITECH regulations. Responsibilities for safeguarding ePHI exist for all of these organizations. Sometimes the most security organizations suffer the embarrassment (HHS Wall of Shame) and liability of… Read More »
Get our regular HIPAA HITECH Newsletter and make sure you are first to hear about new laws and compliance issues.
