Healthcare Compliance Tools: How to Protect Patient Information

Ensuring that patient protection adheres to the Health Insurance Portability and Accountability Act (HIPAA) guidelines is paramount. In recent years, several healthcare HIPAA compliance tools have emerged to assist organizations in meeting these stringent requirements. How can these tools help you with compliance, and what should you look for from yours? Why Healthcare Compliance Risk Assessments Are Important Healthcare providers are well [...]

2023-07-24T14:36:52-04:00June 12th, 2023|

Why You Need a HIPAA Third Party Risk Assessment

There’s a ton of information available about HIPAA risk assessments designed to serve as guides for a DIY process. But, most of the steps they ask you to take are not self-explanatory, and many of the terms used require a robust security vocabulary. So, how can the average person complete a security risk assessment and ensure they’ve done so correctly? Use a HIPAA third party risk [...]

2023-07-25T10:19:36-04:00March 9th, 2023|

Survey Says: Majority Missing Key Piece of HIPAA Compliance

A recent poll of webinar attendees found that barely one-third may be HIPAA compliant, based upon responses to a single question. Conducting an annual Security Risk Analysis is one of the foundational requirements of HIPAA compliance. Still, only 33.5 percent of 146 respondents answered affirmatively to the question, “Have you completed your HIPAA Risk Analysis for this year?” The poll was conducted [...]

2023-07-26T14:41:32-04:00June 3rd, 2022|

HIPAA SRA Requirements: Conduct Ongoing, Continuous Risk Analyses

The question is asked of HIPAA subject matter experts with an almost maddening frequency: “How often do I need to conduct a HIPAA Security Risk Analysis (SRA)?” In 2010, the Department of Health and Human Services’ Office for Civil Rights issued guidance on the topic. The guidance did not spell out how often the analysis is to be performed. Yet, the guidance [...]

2023-07-27T13:22:07-04:00March 1st, 2022|

Completing Your Annual HIPAA Risk Assessment Before the Deadline

You must complete a HIPAA risk assessment each year, and now is the time to do so. Conducting an annual HIPAA risk assessment is an important part of compliance, as well as being integral to protecting your business against breaches. This is because risk assessments reveal vulnerabilities, threats, and risks to protected health information (PHI), thus uncovering deficiencies in your current security practices. [...]

2023-09-27T17:14:27-04:00November 19th, 2021|

Everything You Need to Know About HIPAA Security Risk Assessments

It’s that time of year when you should be preparing for your annual HIPAA security risk assessment. As the year comes to a close, the last thing you want to worry about is meeting the risk assessment deadline. So why delay the inevitable when you can avoid the end of year rush by completing your risk assessment now? Now that you’re ready to get started, learn [...]

2023-11-03T14:00:10-04:00October 13th, 2021|

5 Tips on How to Complete a Risk Assessment

Are you worried about completing your HIPAA risk assessment? Many organizations are. To provide you with guidance, 5 tips on how to complete a risk assessment are discussed. Educate yourself on the HIPAA Security Rule Identify risks and vulnerabilities Create and implement remediation plans Use a risk assessment tool Repeat annually How to Complete a Risk Assessment Completing your [...]

2023-07-28T13:44:59-04:00April 15th, 2021|

$5.1 Million Fine Announced for HIPAA Data Breach

The Department of Health and Human Services (HHS) Office for Civil Rights has entered into a settlement with the Excellus Health Plan, under which Excellus has agreed to pay $5.1 million and to enter into a corrective action plan. The settlement was prompted by an OCR investigation that found widespread noncompliance with provisions of the HIPAA Privacy and Security Rules. As a result of the noncompliance, the data [...]

2023-07-31T13:34:55-04:00January 15th, 2021|

Why You Should Complete an SRA Now Even If You Qualify for a MIPS Exception

CMS recently announced that under certain circumstances, healthcare providers are exempt from the requirement to complete a security risk analysis (SRA), while remaining eligible to benefit from the MIPS Quality Payment Program. However, healthcare providers must still complete an SRA to satisfy HIPAA requirements. So even if you qualify for the MIPS SRA exemption, you will still need to meet the HIPAA SRA requirement. Why you should complete [...]

2023-11-22T14:48:38-05:00October 19th, 2020|

New OCR Guidance on Completing a Risk Assessment

Recently, to provide HIPAA covered entities and business associates with assistance in completing their risk assessments, the Office for Civil Rights (OCR) released guidance. The OCR guidance lays out a detailed list of IT asset inventory steps that should be taken when completing a risk analysis. More details on the OCR guidance are discussed below. OCR Guidance: Keeping an IT Asset Inventory [...]

2023-10-27T12:14:37-04:00August 27th, 2020|