Ep. 77: Know The Rules! Passwords and Passphrases

Why Does It Matter? The Administrative Safeguards of the HIPAA Security Rule require Covered Entities (CEs) and Business Associates (BAs) to: Implement procedures for creating, changing and safeguarding passwords [For details see: Security Awareness and Training, §164.308(a)(5)]. Make sure you create and regularly use strong passwords (i.e. usually 10 characters or more, including uppercase and lowercase letters, numbers, and special characters […]

Security Incidents vs Breaches

Ep. 76: Know The Rules! Security Incidents vs Breaches

Difference between Security Incidents vs Breaches: Today, I am going to discuss the differences between security incidents and breaches. First, allow me to set the stage with definitions to provide some clarification. What are Security Incidents? HIPAA defines security incidents as attempted or successful unauthorized access, use, disclosure, modification, or destruction of information […]

Where Do I Go From Here?

Ep. 74: Know The Rules! Where Do I Go From Here?

Where Do I Go From Here? Until recently Business Associate Agreement Management (BAAM) was relatively easy. Did You Know? Most industry stakeholders view BAAM as a low-priority compliance responsibility that essentially amounts to checking off another HIPAA requirement. Not Anymore … Today, the stakes surrounding Business Associate Agreement (BAA) compliance have become increasingly high. Compliance […]

Offshoring Protected Health Information

Offshoring Protected Health Information …

Could This Have Been Offshored Protected Health Information … All the facts are not in, and only time will tell IF both of these healthcare data breaches were the result of offshoring protected health information. Shared with permission from: Elizabeth Burke, BA, CCS The Hippocratic Oath Must Extend To The Business Office: Confronting and […]

Business Associate Agreement Management

Ep. 73: Know The Rules! Business Associate Agreement Management

Are You Doing It … In this week’s “Know The Rules!” I discuss the importance of Business Associate Agreement Management … AND What happens when you don’t do it!! Unless you’re new to healthcare, you know Covered Entities (CEs) are required to obtain a Business Associate Agreement (BAA) with each Business Associate (BA) before handing […]

What Happens When Your Workforce Snoops

Ep. 72: Know The Rules! What Happens When Your Workforce Snoops

Before I go into what CAN happen when your workforce snoops, it is important for you to know what your workforce is doing. And here’s why you should … the HIPAA Security Rule requires Covered Entities (CEs) and Business Associates (BAs) to implement safeguards to record and examine activity on information systems that contain and/or […]