Blog Archives

It’s the people, people.

When developing training courses for Privacy and Security Awareness programs I keep trying to find new and different ways to get the important points across.  Real world examples seem to make the most impact when it comes to the participation in live training.  That got me to thinking…. It really is all about the people. […]

Read More

And the hits just keep on coming!

Takeaways: Yet another notice that HIPAA enforcement and liability is not something to keep putting off until later.  The web of liability means it is no longer just yourself you have to worry about being caught up in audits or breaches. And the hits just keep on coming!  She says dripping with sarcasm….. If you […]

Read More

Do Your BA Due Diligence

Long gone are the days that you pull down a template Business Associate Agreement and everyone just signs it.  BAs may not understand the extent of their obligations under HIPAA.  You need to confirm your agreements plus check what they are really doing to comply. I really don’t recommend blindly using a template agreement to […]

Read More

Seriously, HIPAA Enforcement Really is Changing

HIPAA was a big scary thing in 2003 and it turned out to be nothing but a waste of my time and money.  Don’t try to scare me with that again. I hear it often enough to feel pretty sure it is a belief many hold and only some voice.  Whether people say it outwardly […]

Read More

Why should you worry about patient’s privacy?

In a recent conversation at a MGMA conference an administrator said he hadn’t decided about HIPAA yet.  “He might just risk it. ” While I wasn’t seriously shocked by the comment, I felt serious concern for their patients. Sure, everyone has to decide what they are going to do concerning their obligation to comply.  There […]

Read More

HIPAA Audits: Coming Soon to an Office Near You

The OCR is reviewing the results of the 2012 pilot audits.  They have published the Audit Program Protocol so you know what to expect when they come for you. In Director Rodriguez’s interview with HealthcareInfoSecurity, he made some important points to note concerning the audits. Audits will begin in late 2013 or certainly by 2014 […]

Read More