Blog Archives

Plan Your HIPAA Tasks For 2016

Are you already looking forward to that summer vacation? Do you have it circled in red on your office calendar so your co-workers can see it (and be a little bit jealous?). Although they’re not circled in red, you likely also have times blocked off on your calendar for a dentist visit, an annual physical, […]

Read More

In the zone or just zoned out?

Working with our clients we see similar difficulties in the small and larger organizations. The number one issue in almost every case is having educated, supported, resources available to manage and monitor the Privacy and Security activities and requirements of the organization. Training, monitoring, and regular analysis is what is required to stay on top […]

Read More

We can do this. It’s easy.

An iconic symbol of on-the-job hilarity is the I Love Lucy episode in the candy factory.  The vision of Ethel and Lucy shoving candy in their mouths, tops, and hats as the conveyor belt moves past can’t help  but make you laugh. Vivian Vance and Lucille Ball ham it up at the chocolate factory in […]

Read More

They want what!?

Takeaways: No longer are small providers “too small” for OCR to conduct a breach investigation. In an article concerning a breach investigation a copy of the information requested in the OCR letter was included. The items were to be supplied within 20 days. When I showed the list to others they had a look similar […]

Read More

Business Associate Agreement – Yours, Mine, or Ours?

Takeaways: Updated BAA deadline is Sept 23, 2014 and 5 Tips for managing your BAAs. Who is really in control of the content of the Business Associate Agreements to be signed? It has been a frequent question now that BAAs are required everywhere.  Just who gets to control what is in the BAA gets down […]

Read More

Heartbleed HIPAA Documentation

If you haven’t considered your HIPAA requirements for Heartbleed yet you should probably get started sooner rather than later.  If you don’t run a site that needed a patch you almost certainly use one or more on a regular basis.  This is a perfect time to create nice clean issue resolution documentation to show that […]

Read More

HHS Resolution Theme Song Nomination: I’m Henry the Eighth, I Am

The resolution agreement with Adult & Pediatric Dermatology seems like the problems have mostly been heard before.  It isn’t new, they seem to all have a similar verse.  Therefore, I nominate the Herman’s Hermits tune I’m Henry the VIII, I Am as the official theme song to be played when the next one is announced. Actually, […]

Read More

Simple HIPAA Checklist – Well Sort of

I am very behind on my blogs lately due to a lot of distractions at work and at home.  I can really relate when a client asks me why I can’t just make a simple HIPAA checklist.  That is what they really need and want because they are just too busy dealing with all the […]

Read More

Do Your BA Due Diligence

Long gone are the days that you pull down a template Business Associate Agreement and everyone just signs it.  BAs may not understand the extent of their obligations under HIPAA.  You need to confirm your agreements plus check what they are really doing to comply. I really don’t recommend blindly using a template agreement to […]

Read More

Encryption is the Key to HIPAA’s Security Rule Heart

So you’ve heard the presentations, classes and consultants tell you that you should encrypt everything.  Encryption is also a security rule standard that is listed as addressable, not required.  Let’s talk about what all that means. You must address encryption as part of your HIPAA security plan and documentation.  You don’t have to have encryption up and running […]

Read More