Is your HIPAA Security and HITECH audit program in order?
February 20, 2012, Andrew Hicks, Managing Principal, Coalfire
Healthcare organizations have been working towards HIPAA and HITECH compliance for a few years now. “Surprise” HIPAA compliance audits conducted by the OCR have begun and at Coalfire we’ve come across some gaps that have led organizations to fall short of their compliance initiatives.
Viruses and Vendors Can Put Healthcare Data At Risk
August 09, 2011, Andrew Hicks, Managing Principal, Coalfire
A recent article in Healthcare Security Info highlights that computer viruses can cause security breaches, that can then in turn compromise health care data and potentially violate the HIPAA and HITECH Act regulations. Beth Israel Deaconess Medical Center in Boston had to notify more than 2,000 people that a computer virus sent data, including medical record numbers, names, etc. to an undisclosed location.
HIPAA Compliance and Call Centers
June 09, 2011, Rick Dakin, CEO, Co-founder and Chief Security Strategist
In a previous post titled Is It Safe to Speak? Protection for Telephone-Based Payment Card Data, I commented on the PCI SSC new requirements for call center operations and recording systems.
Call center security has been a hot topic for a long time. How safe is the information that is given over the phone? Especially in the healthcare industry, patient privacy is paramount.
They Changed What? HIPAA & HITECH
May 24, 2011, Andrew Hicks, Managing Principal, Coalfire
In 1996, the Healthcare Insurance Portability and Accountability Act (HIPAA) opened the door to increased exchanges of healthcare information in an effort to improve care and reduce costs. The Act included new provisions for protected health information (PHI). Since there are only a few limited reviews and enforcement efforts, the effectiveness of the implementations have remained open.