The HIPAA Security Rule isn't specific about the timing of training, but it includes awareness building, reminders, and specific topics that must be addressed. Education, training, and awareness building are critical to privacy and security compliance.
HIPAA privacy and security professionals work hard to create commonsense policies and procedures and lobby for the best technical safeguards for their organizations. But time and again that hard work is wiped out by the most persistent threat of all: insider threat.
Privacy and security are challenging enough within the walls of a hospital or business office. But as the number of remote staff increases, privacy and security officers must be prepared to pioneer a new environment of remote home offices and mobile devices.
Providers may share information with a patient’s loved ones, regardless of whether they are recognized as relatives under applicable laws, the Office for Civil Rights (OCR) said in updated HIPAA guidance released January 10. OCR also issued a FAQ explaining that disclosures to a loved one who is not married to the patient or otherwise recognized as a relative are generally permissible under the same the conditions and circumstances as disclosures to a spouse or other relative.
Q: OCR has said that the comprehensive HIPAA audits will occur in 2017. We received a pre-audit letter as a CE but were not audited as part of the CE round of phase two desk audits. What is included in the comprehensive audits, and is there a chance we will be audited?
An insurer agreed to a multimillion dollar HIPAA settlement in the Office for Civil Rights’ (OCR) second HIPAA settlement of the year. The agency looks to be on track to continue last year’s trend of increased activity and high-profile multimillion dollar settlements.
An Illinois healthcare network is the first organization hit with a HIPAA settlement fine for violating the timely breach notification requirement, the Office for Civil Rights (OCR) announced January 9.
Q. Are we required to report cybersecurity incidents to federal agencies other than the Office for Civil Rights, such as the Department of Homeland Security?
