A security risk assessment must be conducted to maintain HIPAA compliance per the Security Rule. A security risk assessment is also referred to as an SRA. It is a requirement for government plans such as Medicare, Obamacare, and Medicaid. It is also required for individual health care plans and employer-sponsored plans. Where to Start Identify...
The HIPAA Administrative Simplification provisions are in place to provide consistency in electronic communications within healthcare for Protected Health Information (PHI). These mandate the usage of standard transactions, code sets, and identifiers for the United States healthcare system. Who Must Comply? The most common organizations which must comply are healthcare clearinghouses, healthcare providers, and health...
The HIPAA Security Rule includes requirements for a security incident response plan that are important to know, especially as the number of reported data breaches continues to rise. The Data Check Point Research provided a mid-year report on cyber attack trends that indicated a 69% increase in targeted healthcare data breaches between 2021 and 2022. ...
As we wrap up National Cybersecurity Awareness Month, we’re going to take a look at the importance of protecting your physical devices. The panic that sets in when you misplace your phone or laptop is overwhelming. But that feeling is amplified if that device contains patient information or access to it. When we mention your...
The HIPAA Security Rule mandates that covered entities must conduct a security risk assessment or SRA. This includes health care plans for individuals, government plans (Medicare, Medicaid, Obamacare), and employer-sponsored plans. Providers that conduct electronic health care transactions must comply with the Security Rule. This means conducting an SRA. It is recommended that this occurs...
The HHS Office for Civil Rights (OCR) has announced resolutions regarding three HIPAA violation investigations. These settlements result from a years-long emphasis on enforcing this regulation by the OCR. Three dental practices were given fines with regard to the potential violation of the HIPAA Privacy Rule’s patient right of access. Recently appointed...
Is Your Trash a HIPAA Violation? In the case of the New England Dermatology and Laser Center (NEDLC), their trash was a violation. And a costly one with a $300,640 fee attached. A security guard found a container with identifying information on the attached label. As a result, an investigation by the Department of Health...
Healthcare businesses need to be aware of the requirements that come with a cybersecurity insurance policy. In a world of online profiles, splashy websites, and great social media campaigns, businesses can misrepresent themselves in more ways than one. A great photo of your team or a full biography may help create patient trust, but it...
HIPAA Compliant Chat Being available to your patients 24/7 isn’t practical for most healthcare practices. Chat services can provide a response option or even resolution until normal business hours resume. Additionally, chats can offer initial patient care or registration services. As a HIPAA-covered entity or business associate, you must consider compliance when offering this service....
Portability in HIPAA There are many aspects of HIPAA. And sometimes there isn’t a clear understanding of what it covers. We also find that it is the “P” that often trips people up. Because of the strong emphasis on confidentiality, security, and safe handling of information, there is an assumption that the word Privacy is...