HIPAA covered entities and business associates need to consider how to practically and efficiently track and illustrate compliance should they find an OCR investigator knocking at the door.
Continue Reading Automating HIPAA Compliance Tracking and Audit Preparation
information risk
OCR Announces HIPAA Audit Program
Today, the Office for Civil Rights formally announced its HIPAA audit plan, with audits commencing in November 2011. A new page on OCR’s website answers some helpful questions for covered entities and business associates, which are summarized in this report.
Continue Reading OCR Announces HIPAA Audit Program
Update: Ninth Circuit to Rehear CFAA Case
As previously discussed, the federal appeals court in San Francisco had reinstated an indictment charging a former employee of Korn/Ferry International, Inc., with violations of the Computer Fraud and Abuse Act, 18 U.S.C. § 1030 (the “CFAA”) for trying to start a business that would compete with his former employer. Now, however, at…
SEC Guidance Related to Reporting Cyber Risks and Incidents
By Joseph J. Lazzarotti on
Posted in Information Risk
SEC issues guidance clarifying reporting obligations for public companies relating to cybersecurity and cyber incidents.
Continue Reading SEC Guidance Related to Reporting Cyber Risks and Incidents
Federal Contractors Required to Conduct Privacy Training Under Proposed Regulations
By Joseph J. Lazzarotti on
Posted in Information Risk
A proposed regulation would require federal contractors to conduct privacy training on at least 7 key areas before being given access to government records or handling personally identifiable information. Failing to provide the training potentially would put a halt to the contractor’s government work.
Continue Reading Federal Contractors Required to Conduct Privacy Training Under Proposed Regulations
HIPAA Audits to Begin Early 2012
Approximately 150 HIPAA on-site audits are scheduled to begin in early 2012. Covered entities and business associates should be aware of the nature and scope of these audits and what they should be doing to be prepare should they be selected.
Continue Reading HIPAA Audits to Begin Early 2012
HHS’ Text4Health Task Force Makes Health Texting Recommmendations
By Joseph J. Lazzarotti on
Text4Health Task Force Makes Health Texting Recommendations to HHS…
Continue Reading HHS’ Text4Health Task Force Makes Health Texting Recommmendations
HHS Report to Congress Shows Marked Increase in Data Breaches
The Office of Civil Rights of the U.S. Department of Health and Human Services (“HHS”) has published its first round of annual reports to Congress under the HITECH (Health Information Technology for Economic and Clinical Health) Act of 2009 to Congress. The first report concerns HHS’s HIPAA (Health Insurance Portability and Accountability Act of 1996)…
Connecticut Attorney General Establishes Privacy Task Force
Newly created Privacy Task Force in Connecticut may lead to increased enforcement.
Continue Reading Connecticut Attorney General Establishes Privacy Task Force
California Strengthens its Data Breach Notification Law
By Joseph J. Lazzarotti on
California tightens its data breach notification requirements.
Continue Reading California Strengthens its Data Breach Notification Law