Blog Archives

Danger, Will Robinson!

Have you read the FBI Cyber Division warning to the healthcare industry?  There really isn’t anything surprising in there to many of us who work in the medical industry.  The report itself kind of acknowledges it will fall on deaf ears. Hence the title of this article because the catchphrase comes to mind when I […]

Read More

So, I was checking my crystal ball…..

I needed to write an article and was looking for ideas and figured the crystal ball thing worked so well I should check it again.  Really, no, I didn’t use one but it sure felt like it when I read the notice published about the Baylor Medical Center’s breach. Baylor Regional Medical Center has notified 1,981 […]

Read More

Breach Is Gonna Get You!

Gamblers spend years and fortunes trying to “beat the odds” often to no avail.  They know they are taking a major risk but they are looking for the big payoff.   If you are a numbers person, you boil things down to statistics or dollars and cents.  Those numbers help you make decisions based on […]

Read More

HHS Resolution Theme Song Nomination: I’m Henry the Eighth, I Am

The resolution agreement with Adult & Pediatric Dermatology seems like the problems have mostly been heard before.  It isn’t new, they seem to all have a similar verse.  Therefore, I nominate the Herman’s Hermits tune I’m Henry the VIII, I Am as the official theme song to be played when the next one is announced. Actually, […]

Read More

A Cloud Based EMR Does Not A Compliant Entity Make

Recently, a question came up that involved entities that said they are perfectly fine with HIPAA compliance because they use a cloud based EMR (or EHR) who takes care of all their HIPAA compliance for them. A discussion ensued ending with the question:     This can’t really be true, can it? I suppose someone […]

Read More

The Law Says We Should All Freak Out At The Same Time

In a recent session I conducted on the Omnibus Rule, I was answering questions from the audience. I tend to add humor to my sessions as much as possible. HIPAA isn’t a topic especially worthy of attentiveness on Saturday morning at 9am.  The question was about how do you handle a breach you need to […]

Read More

Wellpoint Resolution Provides More Valuable Lessons

I have written before about learning from others mistakes. I know many folks in the small CE and BA world brush off the news of the $1,700,000 Wellpoint Settlement as something that happens only to the big guys. There is so much to learn here, I hope you will take a minute to see why […]

Read More

Encryption is the Key to HIPAA’s Security Rule Heart

So you’ve heard the presentations, classes and consultants tell you that you should encrypt everything.  Encryption is also a security rule standard that is listed as addressable, not required.  Let’s talk about what all that means. You must address encryption as part of your HIPAA security plan and documentation.  You don’t have to have encryption up and running […]

Read More

Plan of Attack for HIPAA 2.0

Where do you get started with all these changes? It is important to understand that HIPAA 2.0 compliance means more than just having an annual training session and a book of policies on the shelf.  HIPAA 2.0 means regular training in all areas of your business and documentation of everything including regular reviews of your […]

Read More