Under HIPAA, where do we draw the line between a run-of-the-mill, ordinary garden variety “security incident” and a “presumed breach” when it comes to reporting PHI events? How do we describe these types of reporting obligations in business associate agreements?
Continue Reading Do I really need to report (or get a report on) every “Security Incident” under the sun to comply with HIPAA?
National Institute of Standards and Technology
Fox Rothschild to Participate at NIST and CMS Security Rule Conference
By Fox Rothschild LLP on
As HITECH refocuses the health care industry’s attention on security, the role of National Institute of Standards and Technology (“NIST”) in developing standards for health information security will become more …
Continue Reading Fox Rothschild to Participate at NIST and CMS Security Rule Conference