To date the Centers for Medicare and Medicaid Services (CMS) has not actively pursued HIPAA Security Rule compliance. Instead they have depended upon complaints to drive their investigations. However, as this article nicely points out, depending upon patients and healthcare workers to complain about problems leaves MANY HIPAA non-compliance issues…including significant information security and privacy vulnerabilities…dangerously unknown…
Posts Tagged ‘compliance’
CMS Gets Heat Over Not Actively Enforcing HIPAA
Tuesday, November 18th, 2008Privacy Poll Closing *SUNDAY*…Please Click a Button!
Thursday, August 2nd, 2007Thanks to those of you who have taken the privacy poll on the right-hand side of this page! If you haven’t yet…please, pretty please, do! I had planned for this to close on Friday, but now it will close on Sunday. I’ll post a new poll weekly to run from Monday through Sunday, and each week afterwards.
Do You Think Privacy Is Really Dead?
Saturday, July 28th, 2007I occasionally post to the Cutter Consortium blog, and the recent topics there have involved privacy.
Carnegie Mellon’s Data Privacy Head Urges Development of New Privacy Technologies
Wednesday, July 11th, 2007I enjoy reading Scientific American Magazine. And I especially am interested in reading their articles that touch upon, or directly address, information security, privacy or compliance. It is always nice to see the views of practitioners, educators, researchers and others who are not on the typical information security circuit of publications.
The Importance of Policies…Breathalyzer = Drug Test = Physical Search = 4th Amendment Violation?: Iowa High School Students Given Breathalyzer Tests at the Prom
Thursday, May 10th, 2007I’m always interested in reading about information security and privacy issues reported here in the heartland.
A story in my local daily paper, the Des Moines Register, caught my eye and filled my thoughts today and points out, among other things, the importance of having policies and communicating them.
How Encryption Supports Compliance
Sunday, April 30th, 2006In this episode I discuss how encryption supports compliance as well as effectively protects personal information. Encryption is an under-utilized security tool. Considering the infinite number of today’s risks, threats and vulnerabilities, encryption can effectively keep unauthorized individuals and systems from accessing sensitive information and thwart many types of attacks. In today’s business environment with sensitive information being stored in multiple locations, many of them mobile, encrypting information is an effective privacy safeguard organizations can add to their arsenal of safeguard tools. I also discuss incidents that occurred and how the laws, regulations, and regulatory bodies encourage the use of encryption.
