You hear it over and over again. Covered Entity (CE) A failed to produce an ongoing risk assessment for HIPAA security compliance. CE B had an incomplete risk analysis, leading to a failure to recognize security weaknesses and vulnerabilities. And in come the fines.
When Shallie J. Bryant, CHC, CHPC, went to work at CaroMont Health in North Carolina more than two years ago, her biggest challenge was creating a culture of patient privacy.
We are four months into the new fiscal year and the Office of Inspector General (OIG) has finally released its highly anticipated Work Plan. Click the link above for more information and an in-depth analysis.
Hospitals can make better use of their electronic health record (EHR) system’s audit functions not only to guard patient privacy but also to help prevent healthcare fraud, according to a new HHS Office of Inspector General (OIG) report.
The reason R. Brett Short, chief compliance officer at UK HealthCare at the University of Kentucky, talks about his organization’s OCR audit is to share the lessons he learned.
UK HealthCare’s Albert B. Chandler Hospital was one of 20 covered entities to undergo an initial test audit by the OCR in 2012.
UK HealthCare’s Chief Compliance Officer R. Brett Short knew he was in for a rough day as soon as he saw the email from his organization’s privacy officer.
