Breaking Down the HIPAA Security Standards Today I am breaking down the HIPAA Security Rule, 45 CFR § 164.308, into byte-size portions to help you understand how they are significant to your organization. The HIPAA Security Rule establishes security standards for protecting all electronic protected health information (ePHI), 45 CFR Part 160 and Part 164, Subparts A and C. The HIPAA Security …
HIPAA Security Management Process in 6 Steps Today I am breaking down the HIPAA Security Management Process, 45 § 164.308(a)(1), into byte-size portions to help you understand how they are significant to your organization. Before I can break down today’s topic, I first should set the stage. The HIPAA Security Rule, Administrative Safeguards provisions that requires regulated entities to perform a …
Breaking Down the HIPAA Security Officer Requirement Today I am breaking down the HIPAA Security Officer requirement, Assigned Security Responsibility 45 § 164.308(a)(2), into byte-size portions to help you understand how they are significant to your organization. Since 2005, the Health Insurance Portability and Accountability Act (HIPAA) Security Rule has required regulated entities to identify who will be operationally responsible for assuring that the …
Breaking Down the HIPAA Security Officer Requirement Read More »
Today, I am presenting a case study on the chain of events after a Business Associate breach of electronic protected health information (ePHI). Business Associates (BAs) YOU may be directly liable for violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and Breach Notification Rule as well as certain provisions of the …
Breaking Down Threats, Vulnerabilities, and Risks Today I am breaking down threats, vulnerabilities, and risks into byte-size portions to help you understand how they are significant to your organization. Before I can break down today’s topic, I first should set the stage. Setting the Stage for Threats, Vulnerabilities, and Risks The Security Management Process, 45 …
Breaking Down Threats, Vulnerabilities, and Risks Read More »
The HIPAA Security Rule adopts national standards for safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (ePHI) that is created, received, maintained, or transmitted by a Covered Entity (CE) or Business Associate (BA). As a CE or BA, you are required to have in place reasonable and appropriate security measures …
What is ransomware? Ransomware is a type of malicious software, known as malware, designed to deny access to a user’s data, usually by encrypting the data with a key known only to the hacker who deployed the malware, until a ransom is paid. After the user’s data is encrypted, the ransomware directs the user to …
Tips For Keeping Your Health Information Safe There are laws that protect the privacy of your health information held by those who provide you healthcare services. But as it becomes easier to get and share your own health information online, you need to take steps to protect it. Does HIPAA Protect All Health Information? No! …
Establishing Your Culture of Compliance Covered Entities (CEs) or Business Associates (BAs) must instill and support a security-minded organizational culture. What the heck does that mean, “Culture of Compliance”? Establishing a “culture of compliance” in your healthcare organization will require buy-in from leadership; without it ALL efforts to secure electronic protected health information (ePHI) will …
What is encryption? Encryption is a method of converting an original message of regular text into encoded text. The text is encrypted by means of an algorithm (type of formula). If information is encrypted, there would be a low probability that anyone other than the receiving party who has the key to the code or …