Are you a covered entity (CE) or business associate (BA) as defined by HIPAA? There are literally millions of organizations in the U.S. that fall under these definitions, and possibly additional millions of BAs outside of the U.S. providing services to U.S.-based CEs. The impact is significant, and truly world-wide. If you are a CE or BA, did you know that your information security and privacy activities, or lack thereof, could cause physical harm to patients and insureds, and that you can receive significant penalties under the new HIPAA rules based upon those impacts? (more…)