You hear it over and over again. Covered Entity (CE) A failed to produce an ongoing risk assessment for HIPAA security compliance. CE B had an incomplete risk analysis, leading to a failure to recognize security weaknesses and vulnerabilities. And in come the fines.
What is big data? It's a way of saying there's a lot of information staring you and your organization in the face. But it's also a reality for the healthcare industry.
Despite gains in compliance and security potentially linked to industry emphasis on the HIPAA Omnibus Rule, some dangerous gaps remain regarding corporate email and file transfer habits.
The HIPAA Omnibus Rule, which includes modifications to the privacy and security rules, is in full effect now. And guess what? There's no reason to be terrified.
Q: My brother claims he read in his dentist's HIPAA statement that information was disclosed to CIA and other government agencies. I suspect that his dentist was editorializing, but wanted to check. Could you explain what should be included in a HIPAA statement that should be in physician/dentist offices? Can you direct me to the official statement?
