Sign in

News and Toolkit Updates

1

Recent breach shows importance of BA agreements

Carefully managing your Business Associates (BA) agreements is important. At PrivaPlan we can’t emphasize that enough. The following story illustrates why. As if going to the dentist doesn’t cause enough anxiety, last week 4300 dental patients learned that their personal records may have been compromised. Massachusetts General Hospital (MGH) in Boston contacted the patients about…

2

Final Guidance from OCR released on De-identification of PHI!

De-identification of PHI has become an increasingly complex issue and requirement with the increased use of electronic health records, health information exchanges and related. The Office of Civil Rights has been working on update guidance on methods of de-identification for some time. The final guidance is now available.

3

If you’re complying with HIPAA, you should be able to meet Stage 2 of Meaningful Use

The proposed certification rule included particular technical requirements when dealing with patient requests to amend their electronic data. The final rule allows for more flexibility in this technical capability.

From the PrivaPlan Blog

26

Latest HIPAA settlement proves why managing security risk is critical

St. Joseph Health will pay $2.14 million for HIPAA violations, serving as an unfortunate example of why managing security risk is critical.

27

OCR releases guidance on Cloud Computing and HIPAA

The OCR released a guidance on October 6 that attempts to clear things up regarding cloud service providers and HIPAA.

28

Latest HIPAA settlement shows importance of up-to-date BA agreements

On Sept. 23, 2016, the OCR announced its second HIPAA enforcement action against a business associate to the tune of $400,000. The hospital had previously entered into a settlement of $150,000 for its part in the breach.

29

Join Oct. 12 webcast: BAs, HIPAA Risk Management

More and more, HIPAA breaches are caused by the Business Associates of HIPAA covered entities. Learn how to manage these risks in Oct. 12 webcast.

30

OCR is stepping up its investigations of smaller breaches

The OCR has begun an initiative to more widely investigate the root causes of smaller breaches affecting fewer than 500 individuals.

31

Data breach at Banner Health affects 3.7 million

News of a massive data breach at Banner Health continues to make headlines since first being announced Aug. 3.

32

OCR Desk Audits are beginning

This week selected covered entities began receiving notification letters for Phase Two of OCR’s HIPAA audit program which involve desk audits.

33

Sign up for June 20 webcast: MACRA + MIPS, Education and Action Planning

Join David Ginsberg, CEO of PrivaPlan Associates, Inc., as he addresses the not-so-distant future of Medicare payment reform and how this will affect meaningful use and planning for certified electronic health records.

34

Recent breach shows importance of BA agreements

Carefully managing Business Associates agreements is important. Take a lesson from the breach of 4300 patient files through a vendor of a Boston hospital.

35

Plaintext data compromises patient info

A hacker claims to steal nearly 10 million patient records using readily available plaintext data. How can you protect patient info?

36

David Ginsberg explains new HIPAA audits in webinar

PrivaPlan President David Ginsberg leads June 28 webinar hosted by CORHIO about new HIPAA audits of covered entities and their business associates.

37

Can you name 10 technologies with the greatest vulnerabilities?

There are 10 technologies emerging in the next five years with the greatest vulnerabilities in terms of cybersecurity, finance, personal health and safety. Two directly impact the health care industry.

38

Lack of HIPAA Business Associate Agreement is costly

Putting off a HIPAA Business Associate Agreement puts sensitive health information at risk of being misused or improperly disclosed. That’s certainly not good, and neither is the steep financial penalty you could incur for overlooking this critical step.

39

The 5 enemies of healthcare IT security

We know we have an important job to do in healthcare IT, especially in keeping the greedy little hands of cyber attackers out of the personal files of patients and providers. A recently released report from Critical Infrastructure Technology backs this up.

40

AMA’s top 9 list includes focus on health IT

This month the American Medical Association (AMA) released a list of the nine top issues they believe physicians should watch in the coming year and why, and what the AMA is doing to address the issues. We’re going to look at the two that call out health IT.

41

How do you handle patients who bring in their medical records on USB drives?

The proliferation of Electronic Health Records, patient health portals and the general increase in digital medical information has resulted in an increasing number of patients who bring their medical records to their providers of care, using some form of computer media like a USB drive.

42

PrivaPlan’s CEO David Ginsberg receives distinguished award from WEDI!

At their 2012 Fall Conference, the Workgroup for Electronic Data Interchange (WEDI) awarded a distinguished service award to David Ginsberg our CEO of PrivaPlan for being a co-chair of the Privacy and Security strategic national implementation plan workgroup.