Talking To The Boss About HIPAA

How do you talk to the boss about HIPAA? That is a regular question we get around here.  The staff responsible for compliance gets trained and understands what needs to be done but they don’t get leadership support.  Over the years we have had to have those...

OCR Audit Updates Phase 2

During the NIST OCR HIPAA Security Conference we covered in the last two episodes, there was also a session on OCR Audit Updates. OCR gave an update on the information gleaned so far from the compliance desk audits that were started in 2016. Their presentation...

NIST OCR Security Conference Part Deux

This is the second episode covering the things David has to share from the NIST OCR Security conference: Safeguarding Health Information. There are many great points he picked up. As we review them, we keep coming back to the reminder that HIPAA is about patient care...

NIST and OCR Security Conference

The NIST and OCR annual security conference has come around again.  This year, David attended the conference via webcast and shares his notes on the first day of the conference. Before the conference discussion, however, we have to touch on the announcement from...

Email Isn’t Secure

Let’s review email systems and how they can be secured for ePHI and other sensitive data. Alston Article on Email Security Notes Leigh from Florida sent us an email asking for us to explain some more specifics about email. She had been listening to Episode 8: HIPAA...