Tag Archives: OCR Audits

Recent HIPAA Settlements Points To Unencrypted Laptop Thefts

Posted on by Frank J. Rosello

Concentra Health Services, Addison, Texas, a subsidiary of Humana and a provider of occupational medicine and other health services, has agreed to pay the Office for Civil Rights more than $1.7 million in a federal Health Insurance Portability and Accountability … Continue reading

Posted in HIPAA Complicance | Tagged , , , , , , , , , , , , , , | Leave a comment

OCR Releases Details On Future HIPAA Audits

Posted on by Frank J. Rosello

The Department of Health and Human Services’ Office for Civil Rights will resume its HIPAA compliance audit program this fall with a limited number of narrowly focused “desk audits,” plus comprehensive on-site audits “as resources allow.” In contrast, the first, … Continue reading

Posted in HIPAA Complicance | Tagged , , , , , , , , , , , , | Leave a comment

OIG Report Finds OCR Security Failures

Posted on by Frank J. Rosello

It’s an ironic story. The Office for Civil Rights, the division of HHS responsible for investigating HIPAA privacy and security violations, is now facing scrutiny after its own security practices failed to meet federal requirements. Not only did OCR fail … Continue reading

Posted in HIPAA Complicance | Tagged , , , , , , , , , , , , , , , , , , , , , | Leave a comment

OCR Director Says Patients’ Interests Define HIPAA Enforcement Priorities

Posted on by Frank J. Rosello

The timing was perfect. On September 23, the same day that the HIPAA Final Rule on Privacy & Security kicked in, Office of Civil Rights director Leon Rodriguez spoke at the HIMSS Media and Healthcare IT News Privacy and Security … Continue reading

Posted in HIPAA Complicance | Tagged , , , , , , , , , , , , | Leave a comment

What To Expect With HIPAA Omnibus Rule Enforcement

Posted on by Frank J. Rosello

Although the long anticipated Sept. 23 enforcement date for the HIPAA Omnibus Rule has arrived, many healthcare information security experts don’t anticipate an immediate surge in crackdowns on those who are not in compliance. There is strong reason to believe … Continue reading

Posted in HIPAA Omnibus Rule | Tagged , , , , , , , , , , , | Leave a comment

Best Practices On Avoiding Large OCR HIPAA Fines

Posted on by Frank J. Rosello

What determines the size of a penalty for HIPAA violations? The key factors are the lack of a timely risk assessment and the failure to address ongoing security issues, says Leon Rodriguez, director of the Department of Health and Human … Continue reading

Posted in HIPAA Complicance | Tagged , , , , , , , , , , , , | Leave a comment

OCR Audits Find Widespread Lack Of Understanding Of New HIPAA Data And Security Rules

Posted on by Frank J. Rosello

Simply knowing all the rules could prevent many of the problems plaguing data security and privacy among healthcare providers and insurers.Nearly one-third of the 980 problems that HHS’ Office of Civil Rights uncovered during privacy and data-security audits of 115 … Continue reading

Posted in HIPAA Complicance | Tagged , , , , , , , , | Leave a comment

Best Practices For Being OCR Audit Ready

Posted on by Frank J. Rosello

Healthcare information security staffers rightly worry about OCR audits and want to prepare their facilities for an assessment. But how do you best measure the progress of your security program? Alain Bouit, director of IT security at Adventist Health, a … Continue reading

Posted in HIPAA Complicance | Tagged , , , , , , , , , , | Leave a comment