President Obama issues executive order on cybersecurity
Continue Reading President Obama Issues Executive Order On Cybersecurity
Health Information Technology
NHS Wants Patient Records
Across the pond, concern over government collection of personal health data is rising.
Continue Reading NHS Wants Patient Records
Maryland Attorney General Gansler Forms Internet Privacy Unit
Linking his announcement to National Privacy Day, January 28, 2013, Maryland Attorney General Douglas F. Gansler informed the public that his office has formed an Internet Privacy Unit. (See similar step taken by Connecticut AG)
The stated purpose of the Unit is to protect the privacy of online users. The Unit will be charged…
A Summary of the Final HIPAA Rule
As we continue to examine the final HIPAA privacy and security regulations, as amended by the HITECH Act and the Genetic Information Nondiscrimination Act, we pulled together a summary of some of the key points. We fully expect additional sub-regulatory guidance to be provided by OCR, such as frequently asked questions and sample business …
Top 13 for 2013 – Happy Privacy Day
Top 13 data privacy and security issues for 2013…
Continue Reading Top 13 for 2013 – Happy Privacy Day
Final HIPAA Regulations: “Business Associates” Include Subcontractors, Data Storage Companies (Cloud Providers?)
Under the HITECH Act, business associates are subject to the HIPAA privacy and security rules (the "HIPAA Rules") virtually to the same extent as covered entities. In addition to implementing this change for business associates ("BAs"), and providing additional guidance concerning what entities are business associates, the final HIPAA regulations issued last week also treat certain subcontractors of BAs as BAs directly subject to …
Final HIPAA/HITECH Privacy and Security Regulations Released
Final HIPAA regulations are out……
Continue Reading Final HIPAA/HITECH Privacy and Security Regulations Released
Are Cloud Service Providers Business Associates under HIPAA and the HITECH Act?
Is your cloud service provider HIPAA-compliant?
Continue Reading Are Cloud Service Providers Business Associates under HIPAA and the HITECH Act?
Small HIPAA Breach (Affecting Fewer Than 500) Leads to Substantial Penalties
HIPAA data breach affecting 441 patients leads to investigation resulting in $50K in penalties due to alleged lapses in security compliance.
Continue Reading Small HIPAA Breach (Affecting Fewer Than 500) Leads to Substantial Penalties
OCR Releases Guidance on “De-Identification” of PHI under HIPAA
On Monday, the Office for Civil Rights released guidance regarding methods for de-identification of protected health information (PHI) in accordance with the HIPAA Privacy Rule and as required by the American Recovery and Reinvestment Act of 2009.
HIPAA covered entities and business associates recognize the increasing risks related to handling "protected health information." One way to reduce these…