The traditional means of patients seeking treatment (in-person) has been disrupted and has accelerated the need for hospitals and clinics to adopt telehealth technologies. As organizations adopt these new technologies, precautions and appropriate safeguards should be taken to ensure ePHI stays secure.
At HIPAA One we believe the SRAT tool can be an effective training tool for compliance professionals and recognize that it does have its merits and although we are admittedly biased, we’re going to outline everything you need to know about the 3.0.1 update
As a covered entity, it is important to partner with business associates that have a strong security posture with safeguards and controls in place to prevent HIPAA violations and fines.
After releasing the HIPAA One Security Risk Analysis, we received exceptional feedback on the product and how much our clients appreciated the simplicity and automation provided by the product. We have been committed to expanding our solutions and add products to be “all things HIPAA”. With the launch of the Privacy Risk Analysis, we now …
This is an example of a “hole” allowing unencrypted backup tapes to leave the facility and led to one of the largest ePHI breaches in history. Had they a solid HIPAA Risk Analysis covering encryption and ePHI disclosure policies, this breach would not had been a breach. Or shown due diligence to help convince the judge …
Earlier in September, 2011, Stanford University Hospital was fined $250K under HIPAA by the State of California. As Stanford U.H. filed an appeal, they were served papers with a $20M lawsuit. That is 20,000 (ePHI records) times $1,000 per record equals $20,000,000. http://www.healthdatamanagement.com/news/breach-hospital-notification-hipaa-privacy-43379-1.html?ET=healthdatamanagement:e2051:197714a:&st=email&utm_source=editorial&utm_medium=email&utm_campaign=HDM_Daily_101411 Per the article, “The lawsuit, seeking a $1,000 award for each affected patient, alleges violation of state law that …
Stanford University Hospital breach – UPDATE – From $250K file to $2.1M Read More »
Ok my blog isn’t dedicated solely to reporting breaches but another breach hit the news. Here is a statement from Indiana University: http://medicine.iu.edu/research/clinical-trials/media-alert-faqs/ HIPAA Risk Analysis requires any PCs that move around (i.e. laptop) be encrypted. This is item #1 on risks using laptops with ePHI on them. Bitlocker anyone? A related article on the …
Indiana University Health Data Breach Affects 3,000+ Read More »