Tag Archives: OCR

Newer posts →

Best Practices For Being OCR Audit Ready

Posted on April 15, 2013 by Frank J. Rosello

Healthcare information security staffers rightly worry about OCR audits and want to prepare their facilities for an assessment. But how do you best measure the progress of your security program? Alain Bouit, director of IT security at Adventist Health, a … Continue reading

Posted in HIPAA Complicance | Tagged , , , , , , , , , , | Leave a comment

OCR To Solicit Feedback About HIPAA Compliance Audits

Posted on April 12, 2013 by Frank J. Rosello

The top federal healthcare privacy and security regulator wants to know what officials from more than 100 organizations that have undergone privacy and security audits thought of the process and what can be done to improve it. The office will … Continue reading

Posted in HIPAA Complicance | Tagged , , , , , , , , , | Leave a comment

HIPAA Omnibus Rule Will Bring More Enforcement

Posted on April 9, 2013 by Frank J. Rosello

The HIPAA Privacy and Security final rule — also known as the HIPAA Omnibus Rule — became effective March 26. We predict enforcers will have a heyday with expanded ability to crack down on providers and their business associates. The … Continue reading

Posted in HIPAA Privacy and Security Rule | Tagged , , , , , , , , , , , , , | Leave a comment

HIMSS13 Update – OCR Director Discusses HIPAA/HITECH Compliance

Posted on March 8, 2013 by Frank J. Rosello

It’s about the patients, it’s about safeguarding privacy, and it’s about trying to avoid making the same mistakes twice, said Office for Civil Rights Director Leon Rodriguez to hundreds of HIMSS13 attendees Monday morning at “A Dialogue On HIPAA/HITECH Compliance: … Continue reading

Posted in HIPAA Complicance | Tagged , , , , , , , , , , , , , , , , , , , , | Leave a comment

OCR Transforming Itself To An Enforcement Organization

Posted on January 22, 2013 by Frank J. Rosello

I don’t do risk assessments; I assess risk,” said Sharon Finney, corporate data security officer at Adventist Health System, speaking at the December 2012 Healthcare IT News/HIMSS Media Privacy & Security Forum in Boston. There’s a difference. One happens on … Continue reading

Posted in HIPAA Complicance | Tagged , , , , , , , , , , , , , , , , , , , , | Leave a comment

World Renowned Cancer Center Reports Third PHI Data Breach in 2012

Posted on August 20, 2012 by Frank J. Rosello

The MD Anderson Cancer Center at the University of Texas has sent letters to about 2,200 patients whose unencrypted medical records may have been compromised on a lost thumb drive. It’s the third possible data breach this year for the … Continue reading

Posted in PHI Data Security | Tagged , , , , , , , , , | Leave a comment

OCR Wramps Up HIPAA Privacy and Security Audits

Posted on July 5, 2012 by Frank J. Rosello

Federal enforcers are preparing to audit healthcare organizations for how well they establish and follow privacy and security practices and data breach notification standards. The Office of Civil Rights published the procedures to be assessed when examiners conduct performance audits … Continue reading

Posted in PHI Data Security | Tagged , , , , , , , , , , , , | Leave a comment

OCR Reminds Patients About Legal Right To Access Medical Records

Posted on June 26, 2012 by Frank J. Rosello

The administration’s top enforcer of health information privacy and security has issued an official reminder that patients have a legal right to access their medical records, and they should use it. Patients can also print the single-page memo to take … Continue reading

Posted in Health IT Policy | Tagged , , , , , , , , , , , , , , , , | Leave a comment Newer posts →