Blog Archives

Compliance Officer Training Shouldn’t Be Skipped

Know what you need to know? You don’t know what you don’t know, which is why compliance training is so important for your compliance officer. Unfortunately for you, ignorance of the rules is not a defense. Actually, it used to be, but that’s a story for another day. You also don’t want to say, “It’s […]

Read More

In the zone or just zoned out?

Working with our clients we see similar difficulties in the small and larger organizations. The number one issue in almost every case is having educated, supported, resources available to manage and monitor the Privacy and Security activities and requirements of the organization. Training, monitoring, and regular analysis is what is required to stay on top […]

Read More

So, I was checking my crystal ball…..

I needed to write an article and was looking for ideas and figured the crystal ball thing worked so well I should check it again.  Really, no, I didn’t use one but it sure felt like it when I read the notice published about the Baylor Medical Center’s breach. Baylor Regional Medical Center has notified 1,981 […]

Read More

Who is Phishing for your PHI?

An email arrives in your inbox tomorrow from someone working at one of the large insurance companies.  It tells you that someone has attempted to make changes to your information on their systems.  It is very specific because it uses your name and says they feel certain it was due to an attempted hack on […]

Read More

HHS Resolution Theme Song Nomination: I’m Henry the Eighth, I Am

The resolution agreement with Adult & Pediatric Dermatology seems like the problems have mostly been heard before.  It isn’t new, they seem to all have a similar verse.  Therefore, I nominate the Herman’s Hermits tune I’m Henry the VIII, I Am as the official theme song to be played when the next one is announced. Actually, […]

Read More

Privacy Rule under HIPAA 2.0: Is it easier to just start over?

Changes to the Privacy Rule under the Omnibus Ruling require ALL CEs update and distribute their Notice of Privacy Practices (NPP).  There is no option, it is stated specifically.  A review of the changes makes it obvious why updates must be done, though. The original HIPAA Privacy Rule was written in 1996.  Science and technology […]

Read More

Plan of Attack for HIPAA 2.0

Where do you get started with all these changes? It is important to understand that HIPAA 2.0 compliance means more than just having an annual training session and a book of policies on the shelf.  HIPAA 2.0 means regular training in all areas of your business and documentation of everything including regular reviews of your […]

Read More