The first thing to keep in mind with all physical security site reviews is, that because your security risk assessment is required to be..
Security Risk Assessments, or SRA, can be difficult to navigate. Here are some best practices you can implement in your organization when conducting..
Completing your Risk Assessment is only the first step in the journey to secure Protected Health Information (“PHI”). A risk assessment simply..
Rightly or not, the Office for Civil Rights (“OCR”) has focused a great deal of attention on conducting periodic security risk analysis. OCR has..
Much time is spent by organizations trying to attain "HIPAA Compliance," but what that really means is often confused.
We do not often see criminal penalties for HIPAA, but when they do happen it can be important to take note. If you have not already, it might be..
Over the last several weeks we have discussed a wide variety of things you need to do maintain the privacy of Protected Health Information (“PHI”) and..
The decision to allow mobile devices to access and/or store PHI is a critical one. The ease of access to the information must be balanced with the..
No one likes to dwell on PHI being mishandled or inappropriately accessed, but it is important to have a plan if the situation does occur. Incidents..
In recent weeks 10 significant email hacking incidents were reported to the U.S. Department of Health and Human Services Office for Civil Rights. In..