Ransomware: 3 ways to protect your organization
We at HIPAA One want to share a few ways we see organizations are vulnerable and get hacked. Take action after reading this blog to protect your organization from being the next target.
A balance of trust: new guidelines for business associates under HIPAA
As a covered entity, it is important to partner with business associates that have a strong security posture with safeguards and controls in place to prevent HIPAA violations and fines.
Don’t get caught! Five ways to avoid a phishing scam
As technology evolves, so does the sophistication of these phishing attacks. It is no longer a matter of if you receive a phishing email but when you receive a phishing email.
Am I a business associate under HIPAA? Why should I care?
Back in 2013, when Edward Snowden was in Hong Kong revealing he leaked documents detailing mass-surveillance programs by the U.S. government, the Department of Health and Human Services (HHS) was creating the Final Omnibus Rule. This rule extended its regulatory reach beyond covered entities (e.g. healthcare providers, health plans, and clearinghouses) to business associates who …
HIPAA Compliance for Microsoft Office 365
Organizations in every industry are upgrading to Microsoft Office 365 to improve security. A common concern among healthcare professionals is that using Office 365 and Microsoft Teams exposes an organization to HIPAA violations. If Office 365 is implemented without the correct security configurations, that is likely true. However, Office 365 and Teams can easily be …
HHS SRA Tool Version 3.0 – The Good, Bad and Ugly
Earlier this month, the U.S. Department of Health and Human Services (HHS) and the Office for Civil Rights (OCR) released an updated version of their Security Risk Assessment Tool (SRAT). We have been following the development of this toolkit since its inception in 2011 as the HSR toolkit and reviewed V2.0 in early 2014. Each time a new version is released, HIPAA One gathers with a few trusted industry partners to review the changes and updates so that we may accurately counsel healthcare providers, payers and business associates on the pros and cons of utilizing this free, government-issued application.
Cloud email phishing attacks: A practical guide
A quick review of the HHS Breaches Over 500 list paints a pretty grim picture of the number of breaches affecting 500 or more individuals. Breaches have been steadily increasing and the culprit is clear: Hacking/IT incidents, namely email phishing attacks. Fraudsters and criminals are exploiting vast databases of compromised user credentials to make payroll.
HIPAA Security Checklist
The following checklist summarizes the HIPAA Security Rule requirements that should be implemented by both covered entities and business associates.
State Departments Conducting Audits?!?
In recent years, healthcare audits have been a trending topic within the compliance world. Following the Phase II launch of the HHS Office for Civil Rights (OCR) Audit Protocol in March 2016, many members of the healthcare community equate audits with either the federal government or other large accounting firms such as Figliozzi & Company. …
Healthcare Continues to Dominate Breach Related Costs
A new study conducted by the Ponemon Institute on behalf of IBM Security confirmed the fears of so many healthcare information security professionals, no other personal information yields a higher value than compromised patient records. Across the country, healthcare organizations have a Goliath size security problem. For an eight-straight year, healthcare has the highest breach-related …
Let HIPAA One do the heavy lifting for your company when it comes to compliance. Make us part of your team to stay up-to-date, stay automatically compliant, and most importantly, protect your client's information.