Ep. 77: Know The Rules! Passwords and Passphrases

Why Does It Matter? The Administrative Safeguards of the HIPAA Security Rule require Covered Entities (CEs) and Business Associates (BAs) to: Implement procedures for creating, changing and safeguarding passwords [For details see: Security Awareness and Training, §164.308(a)(5)]. Make sure you create and regularly use strong passwords (i.e. usually 10 characters or more and including uppercase and lowercase letters, numbers, and special characters […]

Security Incidents vs Breaches

Ep. 76: Know The Rules! Security Incidents vs Breaches

Difference between Security Incidents vs Breaches Today, I am going to discuss the differences between security incidents vs breaches for you. First, allow me to set the stage with definitions to provide some clarification. What are Security Incidents? HIPAA defines security incidents as attempted or successful unauthorized access, use, disclosure, modification, or destruction of information […]

Where Do I Go From Here?

Ep. 74: Know The Rules! Where Do I Go From Here?

Where Do I Go From Here? Until recently, Business Associate Agreement Management (BAAM) was relatively easy. Did You Know? Most industry stakeholders view BAAM as a low-priority compliance responsibility that essentially amounts to checking off another HIPAA requirement. Not Anymore … Today, the stakes surrounding Business Associate Agreement (BAA) compliance have become increasingly high. Compliance […]

Business Associate Agreement Management

Ep. 73: Know The Rules! Business Associate Agreement Management

Are You Doing It … In this week’s “Know The Rules!” I discuss the importance of Business Associate Agreement Management … AND What happens when you don’t do it!! Unless you’re new to healthcare, you know Covered Entities (CEs) are required to obtain a Business Associate Agreement (BAA) with each Business Associate (BA) before handing […]

What Happens When Your Workforce Snoops

Ep. 72: Know The Rules! What Happens When Your Workforce Snoops

Before I go into what CAN happen when your workforce snoops, it is important for you to know what your workforce is doing. And here’s why you should … the HIPAA Security Rule requires Covered Entities (CEs) and Business Associates (BAs) to implement safeguards to record and examine activity on information systems that contain and/or […]

Am I A Healthcare Business Associate?

Episode 68: Know The Rules! Am I A Healthcare Business Associate?

How Do I Know – Am I A Healthcare Business Associate? These days, doctors and dentists, known as Covered Entities (CE), outsource their business activities to service providers. Health & Human Services (HHS) defines a “Business Associate” (BA) as a person or entity that performs certain functions or activities that involve the use or disclosure […]