You must complete a HIPAA risk assessment each year, and now is the time to do so. Conducting an annual HIPAA risk assessment is an important part of compliance, as well as being integral to protecting your business against breaches. This is because risk assessments reveal vulnerabilities, threats, and risks to protected health information (PHI), thus uncovering deficiencies in your current security practices. [...]
The HIPAA Security Rule requires that covered entities (health plans, healthcare clearinghouses, and healthcare providers who electronically transmit any health information in connection with a HIPAA related transaction), and business associates, implement security safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (ePHI). ePHI is any protected health information that is created, stored, transmitted, or received in any electronic format. Performing [...]
In 2011, the Department of Health and Human Services (HHS), the federal agency for enforcing HIPAA, issued a Security Risk Assessment (SRA) tool through its Office for Civil Rights (OCR). In 2019, after several updates, OCR is offering its newest updated HHS SRA tool, version 3.1. The updated HHS SRA Tool contains several features that the prior tools did not contain. What is the Updated HHS SRA Tool? [...]
Oregon Health and Science University (OHSU) reached a settlement with OCR earlier in July for $2.7 million. The organization had executed six risk analysis over the course of 10 years, but the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) found that those risk assessments did not constitute a sufficient HIPAA compliance plan. This case should be a clear sign to healthcare professionals that [...]
© 2023 Compliancy Group LLC. All Rights Reserved | Terms of Use | Privacy Policy
