Last year, Congress directed the Secretary of Health and Human Services (HHS) to take into consideration efforts by organizations subject to HIPAA security standards (“covered entities” and “business associates”) to implement “recognized security practices” whenever HHS determines fines and other remedies for HIPAA security violations. …the Secretary shall consider whether the covered entity or business…
The Office of the National Coordinator for Health Information Technology (ONC), in collaboration with the HHS Office for Civil Rights (OCR) just posted an updated Windows only version of its HIPAA risk assessment tool (SRA). I know; lots of exciting acronyms, abbreviations, and labels! You can download the new software on the government’s Health IT…
The Center for Children’s Digestive Health (CCDH) signed over a $31,000 check to the Department of Health and Human Services (HHS) to settle HIPAA violations. CCDH freely provided nearly 11,000 records containing protected health information (PHI) to the company FileFax, Inc. for long-term storage. The issue is not that CCDH transferred the records but that…
