OCR has focused so much on risk analysis that there is a common misperception in the industry that a risk analysis is the primary task needed to be..
The proper destruction of electronic Protected Health Information (“ePHI”) is often overlooked and, if done improperly, can lead to impermissible..
An often overlooked aspect of HIPAA compliance is the selection of a HIPAA Security Officer and HIPAA Privacy Officer. These roles are often filled by..
If you had a breach in 2017 that affected less than 500 individuals, the deadline to notify the U.S. Department of Health and Human Services (“HHS”)..
I frequently write about HIPAA enforcement by the Office for Civil Rights at the U.S. Department of Health and Human Services ("OCR"). However, there..
A recent survey indicated some interesting trends in ransomware attacks against small-to-medium size businesses (“SMBs”). According to the survey of..
Having patients access their health records has important clinical benefits, which is a significant reason why it is a right patients are provided in ..
The KRACK WIFI vulnerability was announced by security researchers and the US-CERT today. This vulnerability can affect every modern WIFI network and..