Third Rock Recognized at Austin Recovery’s 50th Anniversary Event

Third Rock Recognized at Austin Recovery's 50th Anniversary Event Round Rock, TX, July 25, 2017 – On May 5th, Austin Recovery celebrated its 50th Anniversary with a luncheon gala at the Shalom Austin Jewish Community Center in Austin, TX. At the event, they recognized Third Rock, Incorporated and its partner Nivola Healthcare Solutions for their work and donations supporting the organization’s HIPAA compliance activities and related information security practices. Austin Recovery requested Third R ...

HHS OCR: PHI Security is your top priority

If you haven't noticed, cybersecurity is a major issue in the world, politically, economically, and even personally.  No one wants their identity stolen.  No business wants to deal with customer (patient) retaliation caused from losing their personal health information, whether it's boycotting, bad press, negative social media or a class action lawsuit. In general the U.S. government is taking action to help protect small businesses by requesting a new standard cybersecurity guide be written by the Nat ...

Missing the Target of HIPAA – Part 3

If you haven't read my previous two blogs on this topic I encourage you to do so.  The first blog stresses the importance of being risk management proficient over being a HIPAA “expert”. The second blog deals with being accountable in your work actions, which means not only are you responsible for your actions, but your actions can be independently verified.  These two “factors” can go a long way to protecting your organization from the risks of a breach and from substantial penalties and fine ...

Why your Meaningful Use SRA is not enough

Many covered entities had a high level Security Risk Analysis (SRA) performed to "check the box" for meeting the Meaningful Use requirement.  The HHS OCR has now performed enough audits, however, to know that a risk assessment isn't enough - Covered Entities need to take corrective action. With MACRA and HIPAA both requiring an SRA and HIPAA requiring a prioritized list of risks, corrective action plans, and a risk management process, it's time to have a proper risk assessment performed and take cor ...