It seems there are more and more stories related to patient privacy and HIPAA popping up lately. Today another story caught my eye related to them.
Posts Tagged ‘HHS’
HIPAA, The Insider Threat & Prison Time
Thursday, October 11th, 2007Another Hospital Suspends Staff For Violating HIPAA Requirements
Wednesday, October 10th, 2007A couple of weeks ago I blogged about the Ivinson Memorial Hospital applying sanctions to their staff for violating HIPAA requirements.
They have set a good example…another hospital has also applied sanctions…suspending 27 of their staff members for violating HIPAA requirements.
A Hospital Actively Enforcing HIPAA Requirements!
Saturday, September 29th, 2007It is great to see a story published about a hospital, actually any type of organization that is a covered entity (CE), that is actively and seriously trying to be in compliance with HIPAA requirements.
The First Ever HIPAA Audit: Where’s The Report? Does It Have Beef?
Wednesday, September 12th, 2007Gosh, I just had a flashback to the “Where’s the Beef” commercial from years ago… 🙂
The U.S. Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule went into effect in April, 2001, and gave covered entities (CEs) two years to get into compliance. The HIPAA Security Rule went into effect in April 2003 and CEs had until April 2005 to get into compliance.
HIPAA & 4 Lessons From an Insider Threat Example: Former Healthcare IT Manager Hacks Into System and Deletes PHI
Monday, September 10th, 2007There are so many ways in which bad things can happen with the authorized access personnel and business partners have to sensitive data, personally identifiable information (PII), and business systems. Many times the bad things that happen are a result of a lack of awareness of how to properly protect information, a result of mistakes, or a result of malicious intent. Here is just one more example to add to your file of actual insider threat incidents.
HIPAA & 4 Lessons From an Insider Threat Example: Former Healthcare IT Manager Hacks Into System and Deletes PHI
Monday, September 10th, 2007There are so many ways in which bad things can happen with the authorized access personnel and business partners have to sensitive data, personally identifiable information (PII), and business systems. Many times the bad things that happen are a result of a lack of awareness of how to properly protect information, a result of mistakes, or a result of malicious intent. Here is just one more example to add to your file of actual insider threat incidents.
HIPAA Violation in Divorce Proceeding?
Friday, July 13th, 2007Emergency and Disaster Planning: Government Establishes a Limited Time Pandemic Flu “Blog Summit”
Friday, May 25th, 2007Ever since talk of the bird flu pandemic started making the news in 2005, information assurace folks have talked about how this could affect them and their efforts. There have been some very interesting viewpoints and insights. Most related to the loss of availability of personnel needed for the business to continue to function, loss of access to vendors, and to outsourced entities, and other emergency management and disaster recovery issues.
When you start thinking about it and brainstorming with your colleagues you discover there truly are many related information assurance issues.
HIPAA: More Changes and Initiatives by HHS
Thursday, April 26th, 2007I’ve been reading so much about HIPAA lately; no enforcement actions yet, but a lot of changes, proposals and initiatives.
Two more I read about recently:
HIPAA: Advisory Workgroup Proposes PHI Security and Privacy Requirements Should Apply to All Organizations
Monday, April 23rd, 2007The Department of Health and Human Services (HHS) has a Confidentiality, Privacy, and Security Workgroup, also known as the American Health Information Community, that is made up of practitioners, IT folks, lawyers and other leaders outside of the government who want a say in how protected health information (PHI) is safeguarded, shared, and otherwise handled.