Could this breach have been prevented? – A new series

One of the first lessons of process improvement is that preventing errors is much less expensive and time-consuming than remedying the damage after the fact. The same is true for an information breach. The time and cost for installing new software, training staff members, and reinforcing policies and procedures pales in comparison to cleaning up the damage of an information privacy or security breach. Recent headlines of multi-million-dollar ...

MACRA/HIPAA: Ignorance of the Law Is No Excuse

Many physicians believe HIPAA is a total waste of their time and money. That's because they think it's the federal government trying to force them to do something that they don't need to be doing. But that's not the intent of the HITECH and OMNIBUS rulings. Much of the compliance that was put into place was because of the implementation of EMR/EHR systems in the healthcare industry. The federal government's Meaningful Use program even paid covered entities to transition from paper to ...

Missing the Target of HIPAA – Part 3

If you haven't read my previous two blogs on this topic I encourage you to do so.  The first blog stresses the importance of being risk management proficient over being a HIPAA “expert”. The second blog deals with being accountable in your work actions, which means not only are you responsible for your actions, but your actions can be independently verified.  These two “factors” can go a long way to protecting your organization from the risks of a breach and from substantial penalties and fine ...

5 Tips for Creating an Information Security Culture

Engaging clinical staff in information security can be an uphill challenge. For people doing the tangible, social, and physical work of healthcare, a Security Officer’s cautions regarding the invisible threat of cyber-theft can seem like science fiction paranoia. Further, among the healthcare practitioners who do recognize information security as a relevant concern, a substantial number still see it as an “IT issue.”  And finally, as if those barriers weren’t enough, the mere mention of “HIPA ...

HIPAA’s “Last Mile” Challenge

The phrase “last mile” is commonly used across many industries to denote the final leg of a project or process - reaching the goal! More often than not, it’s referring to the most difficult part of the journey.  In logistics, it is delivering your iPhone made in China to your doorstep in rural Texas.  In the communications industry, it is installing the last few hundred yards of new optical fiber cabling for high speed internet to your home or office that is extremely costly and disruptive.  And li ...

Value Proposition of a Next-Generation Compliance Platform (2 of 2)

This is the second in a two part series concerning the value of compliance.  Our mission is, Worry-Free Compliance, to help you obtain a culture of compliance through normal business operations.  Our vision is to reduce the complexity, cost and burden of HIPAA compliance using a next-generation compliance management platform. What does a next-generation management platform provide?  Here's a list: Complete Manages the entire compliance process Maintains custom policies and procedure ...

Protect your patients, protect your practice, protect yourself.

The healthcare industry is beginning to realize that HIPAA is here to stay and they are probably going to be audited sooner or later.  What physicians and all healthcare providers need to understand is that if you don't protect your patients' PHI/ePHI the following can happen to your patients as a result of their identity being stolen and used. NOT Protecting Your Patients' (PHI/ePHI): You can cause them financial difficulties or even financial ruin. You can cause them undue stress, even a str ...

Achieving Your HIPAA Gold Medal

With the 2016 Summer Olympics in full swing I thought it apropos to use the analogy of achieving a gold medal to obtaining HIPAA compliance.  I know, not really fair or nice to the Olympics and Olympians, but it makes a decent blog post and a good analogy.   So, bear with me and work on achieving your HIPAA gold medal. Vision You need a clear vision.  You will obtain your goal of being HIPAA compliant.  You need to clearly understand what that requires.  Take our Free Risk Assessment to better un ...

Is HIPAA Worth It?

HIPAA is yet another government mandate for American healthcare businesses to address. We all know it's time consuming, requires a lot of effort to learn, stay current on and to implement. Plus, it's costly. But is it worth it? Does it truly help the covered entity or business associate in the long run? You might be surprised by the answer. The simple answer is ABSOLUTELY. First, let's look at HIPAA goals. Basic Goals of HIPAA Portability: To allow patients to transfer their records ...

Third Rock Announces CompassDB™ – A Comprehensive Compliance Management Platform

Austin, TX – Aug. 3, 2016 – Third Rock, provider of HIPAA Worry-Free Compliance™, announced CompassDB™, their compliance management platform. CompassDB™ is designed to significantly reduce the cost and burden of HIPAA compliance for all parties involved. Consulting firms who provide compliance services, and the clients, Covered Entities and Business Associates on which HIPAA regulations are focused, all will benefit. CompassDB™ is a cloud solution that provides safe, secure, web based s ...
