In this week’s Know The Rules! I present a case study on what happens when you don’t perform your Business Associates Due Diligence. Do you know the expression … What you don’t know WILL hurt you!! That is what Advanced Care Hospitalists (ACH), a contractor physician group in West Florida, found …
Business Associate Healthcare Data Breaches In “Episode 63: Know The Rules!”, I reported what I thought were all of the healthcare data breaches reported on the Health & Human Services (HHS) Office of Civil Rights (OCR) Breach Portal website by Business Associates (BAs) in 2018. This is what I reported last week: The year 2018 …
2018 Third-Party Healthcare Data Breaches – Update Read More »
Today, I am presenting a case study on the chain of events after a Business Associate breach of electronic protected health information (ePHI). Business Associates (BAs) YOU may be directly liable for violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and Breach Notification Rule as well as certain provisions of the …
What Happens After A Healthcare Breach … These days the news is filled with story after story about another healthcare breach of electronic protected health information (ePHI). Over the last few weeks I shared with you the importance of securing PHI. Not Doing Their HIPAA Risk Analysis Cost Them $3.5 Million Last week, Fresenius Medical …
Find Out What Happened After the Healthcare Breach Read More »
Did you know? In 2013, the Final Omnibus Rule updated the HIPAA Security Rule and Breach Notification clauses of the HITECH Act. As a result every Business Associate (BA) that creates, receives, maintains, or transmits electronic Protected Health Information (ePHI) is required to perform a comprehensive enterprise-wide HIPAA Security Risk Analysis (Per: §164.308(a)(1)(ii)(A)). This means …
Third-Party Vendors – Don’t Let This Happen To You! Read More »
When a security incident happens and when they do, effective response planning can be a major factor of how significant an organization suffers operational or reputational harm or legal liability. Being able to respond to incidents in a systematic way ensures appropriate response steps are taken each time to help minimize the impact of breaches. …
What’s a Security Incident? When is it a Breach? Read More »
What if your Business Associates Had A Security Incident? Covered Entities (CEs) believe its impossible to determine whether the policies and procedures of their Business Associates (BAs) are adequate to respond effectively to a security incident. To complicate matters a large more believes their Business Associates would NOT notify them in the event of a …