I just got a notice from the U.S. Department of Health and Human Services (HHS)…
New HIPAA Security Information on the CMS website
“On February 20, 2008 The Office of E-Health Standards and Services (OESS) within CMS posted a document called Information Request for Onsite Compliance Reviews. OESS recently procured contracted services to assist with onsite compliance reviews related to potential HIPAA Security Rule violations. To ensure that the industry has an idea of the type of information OESS might request during these reviews, OESS developed a sample security checklist, which highlights several areas of vulnerability associated with the security of electronic protected health information.”
I haven’t looked at the security checklist yet, but it will be interesting to see what it has within it.
Tags: awareness and training, CMS, HHS, HIPAA, Information Security, IT compliance, OESS, policies and procedures, risk management, security awareness, security rule, security training