New Year Likely to Bring New Incentive for Cybersecurity Investment
H.R. 7898, sent to the President for signature on December 24, 2020, may be the HIPAA holiday gift covered entities and business associates have been waiting for. The bill
NIST
HIPAA Security and “Zero Day” Exploits: How to Stay Ahead of the Hack
HHS Office for Civil Rights (OCR)’s April 3, 2019 cybersecurity newsletter highlights one of the more challenging cybersecurity vulnerabilities faced by covered entities and business associates. OCR reminds covered entities…
HIP-HIP(AA)-HOORAY: Margaret Davino, Esq. Joins Fox Rothschild HIPAA Team and Offers 5 Tips for 2016 HIPAA Compliance
I’m sure fellow bloggers Bill Maruca and Michael Kline join me in giving three cheers for the recent growth in our firm’s health care practice (welcome, Minneapolis!) and…
Patient Data Must Be Encrypted, Not “Camouflaged”, as Per FTC Settlement
Health care vendors beware: if you tell customers that your product provides industry-standard encryption of protected health information in compliance with HIPAA, you’d better be sure it doesn’t simply “camouflage”…
Emailing PHI? NIST Seeks Comments on Trustworthy Email by November 30, 2015
When and how should you email PHI, if at all? The Office for Civil Rights (OCR) offers guidance as to the permissibility of sending PHI via email in this “Frequently…
5 Practical Steps for Business Associate Compliance
Congratulations! You have a HIPAA-compliant business associate (or subcontractor) agreement in place – now what? How can you implement the agreement without becoming a HIPAA guru?
There are many resources…
How the NIST Cybersecurity Framework Can Help With HIPAA Compliance: 3 Tips
As our partner Mark McCreary writes in his post describing the “Framework for Improving Critical Infrastructure Cybersecurity” published by the National Institute of Standards and Technology (NIST):
The Framework is
…
Do I really need to report (or get a report on) every “Security Incident” under the sun to comply with HIPAA?
Under HIPAA, where do we draw the line between a run-of-the-mill, ordinary garden variety “security incident” and a “presumed breach” when it comes to reporting PHI events? How do we describe these types of reporting obligations in business associate agreements?
OIG EHR Questionnaire Focuses on Fraud Safeguards
The OIG is conducting a survey of hospitals who have certified the meaningful use of Electronic Health Record (EHR) Technology, with an emphasis on safeguards that protect the EHR systems…
Fox Rothschild to Participate at NIST and CMS Security Rule Conference
As HITECH refocuses the health care industry’s attention on security, the role of National Institute of Standards and Technology (“NIST”) in developing standards for health information security will become more …