A Wake-up Call on the Security Rule | Journal of AHIMA

You may want to take a moment to read this article immediately below when it’s convenient for you…

A Wake-up Call on the Security Rule | Journal of AHIMA


The article entitled “A Wake-up Call on the Security Rule” from the Journal of AHIMA” provides important background information about why organizations need to become and remain compliant with the HIPAA Security Final Rule, the HIPAA Privacy Final Rule and the “teeth” put into both by The HITECH Act.

As the title suggest, the article focuses on Security and discusses both a security compliance assessment AND a security risk analysis.  There’s much confusion about them, hence my blog post of a couple of weeks ago: “HIPAA Security Evaluation – HIPAA Risk Analysis: Explained”

Some of the more salient points in the article:

· Susan McAndrew, OCR deputy director for privacy (at OCR), said that OCR spent its first year mainly getting acquainted with security enforcement. This year, she said, would be the year OCR moves security enforcement to the forefront of its efforts.

· OCR has added investigators in 10 regional OCR offices with the expectation to conduct more HIPAA security compliant investigations and compliance reviews.

· OCR also has the ability to also conduct random security rule compliance audits at covered entities.

· Being prepared for a HIPAA security rule compliance audit—either conducted at random by OCR or triggered by a security breach incident—has never been more important.

· “Risk analysis and risk management are really the key … to prepare for an OCR security audit,”

· The threat of increased fines and enforcement is not the only reasons healthcare organizations should reevaluate their HIPAA security risk analyses. The HITECH “meaningful use” incentive program…explicitly calls for organizations to conduct and document a risk analysis and implemented security controls”

Remember… although the official translation of HITECH = Health Information Technology for Economic and Clinical Health, for most Covered Entities and Business Associates it means “Hey It’s Time to End Your Compliance Holiday”…

4 Responses to “A Wake-up Call on the Security Rule | Journal of AHIMA”
  1. Bad Credit Loans Ottawa 23 March 2014 at 4:15 pm #

    Generally I don’t learn post on blogs, however I wish to say
    that this write-up very pressured me to try and do so!

    Your writing style has been amazed me. Thank you, very great post.

    My blog Bad Credit Loans Ottawa

  2. Payday Loans West Edmonton 29 March 2014 at 4:34 am #

    You are so interesting! I don’t believe I’ve truly read through something like that before.

    So great to discover somebody with a few genuine thoughts on this topic.
    Really.. many thanks for starting this up. This site is one thing
    that is required on the internet, someone with a bit of originality!

    my site; Payday Loans West Edmonton

  3. Felton Bushong 30 June 2014 at 2:36 pm #

    Hi people if you can’t earn any money online try – bluehand roulette system – it earns
    me decent money everyday, just google it


  1. Second Major Fine This Week Shows OCR is Ramping Up HIPAA Enforcement | About HIPAA - 06/24/2011

    [...] OCR officials promised enforcement was coming. These comments were reiterated late in 2010 with an emphasis on 2011 being the year to focus on enhanced enforcement activity. And just this week at HIMSS, OCR officials [...]

Leave a Reply