Vendor Vetting Can Save You Millions
In a recent study conducted by the Ponemon Institute, it was determined that 54% of healthcare vendors had experienced at least one data breach affecting protected [...]
What is a Designated Record Set Under HIPAA?
The HIPAA Privacy Rule generally requires HIPAA covered entities (health plans and most healthcare providers) to provide individuals, upon request, with access to the protected health information [...]
Compliancy Group HIPAA Quiz
Compliancy Group created a HIPAA quiz, available for free, for covered entities (CEs) and business associates (BAs) to assess their HIPAA compliance. We have analyzed the results from 352 [...]
Law Firm HIPAA Compliance
Under HIPAA, covered entities are defined as individuals or entities that transmit protected health information for certain transactions. These transactions generally include include transmission of healthcare [...]
HIPAA Patient Privacy
One of the many misunderstandings in circulation about HIPAA is over how it protects - and when it does not protect - patient privacy. HIPAA patient privacy is regulated [...]
Is FaceTime HIPAA Compliant?
As more healthcare providers are choosing to meet with patients virtually, it is important to determine whether or not the tools they are using are HIPAA compliant. [...]
When is a Covered Entity Liable for a Business Associate Breach?
Under the HIPAA Privacy Rule, a covered entity may, in some circumstances, be liable for its business associate breach under the business associate agreement. When May [...]
When Can a Covered Entity Deny a Request to Amend PHI?
The HIPAA Privacy Rule permits patients to request that PHI contained in their medical records, be amended. The right is not unlimited, however, and a covered [...]
HIPAA Role-Based Access
HIPAA Role-Based Access is a key concept of the HIPAA Security Rule. Under the Security Rule, healthcare organizations are required to implement access controls. Role-based access controls [...]
HIPAA Cloud Service Providers
Cloud service providers (CSP) are businesses that provide network services, business applications, or infrastructure, in the cloud. The services are hosted in a remote data center that can be [...]
