HIPAA Archives

  • Managing third-party service providers, or vendors is an ongoing legal and contractual obligation for all businesses. While there is no “one size fits all” risk management program, there are a lot of great checklists and recommendations available. Checking a few resources before signing a new vendor service agreement and setting up a Google Alert orRead more…

  • Even though businesses of all sizes are targeted by hackers, small businesses and practices make up approximately 70% of data breaches due to cyberattacks. Patient information is very valuable and small businesses often have less protection than large businesses do in cybersecurity. Strengthen the human element Training employees is one of the best defenses againstRead more…

  • October is the national cybersecurity awareness month, and we take cybersecurity seriously at TMC. This year’s theme “will focus on key areas including citizen privacy, consumer devices, and e-commerce security.” But rather than talk about cybersecurity, get into the spirit with a quick word search! Feel free to print this out and share it withRead more…

  • The Department of Health and Human Services Office for Civil Rights (OCR), has reported a staggering increase since this time last year of all forms of breaches of patient PHI. Note: These figures do not include any 2019 breaches that involved fewer than 500 individuals. A covered entity must notify the Secretary of a PHIRead more…

  • Managing third party service providers, or vendors, is an ongoing legal and contractual obligation for all businesses. While there is no “one size fits all” risk management program, there are a lot of great checklists and recommendations available. Checking a few resources before signing a new vendor service agreement and setting up a Google AlertRead more…

  • All of us have routines at home and at the office. Routines are often done “on autopilot,” because we don’t have to think much about them. This might apply to a lot of the tasks you do every day like walking to the printer, sending a fax, email, or filing. However, from a privacy andRead more…

  • Safeguarding your patients’ protected health information (PHI) is a critical part of your everyday routine. What about when you leave the office? Your healthcare, financial, and other personal information require thoughtful handling, too. As reported in the Becker’s Hospital Review in February 2019, an individual’s healthcare record can sell for up to $1,000 on theRead more…

  • On May 24, the HHS Office for Civil Rights (OCR) released a new fact sheet for Business Associates explaining their liability for HIPAA compliance. OCR is the government enforcement agency for HIPAA compliance. They have the authority to take enforcement action against business associates for failing to comply with requirements and prohibitions. Since the implementationRead more…