Compliance & Legal

By Erin McCann 11:08 am April 01, 2015
The Office of Inspector General is once again calling out CMS for failing to adequately address fraud vulnerabilities in electronic health records.
Signing contract
By Erin McCann 10:51 am February 25, 2015
There's a right way to manage third-party risks and vendor contracting, and there's the wrong way. And, too often, it's the latter. But it doesn't have to be. Here are some things your organization should keep in mind.
Interior of building
By Erin McCann 10:24 am February 18, 2015
It turns out many healthcare organizations get more than a few things wrong about their information security frameworks.
Overwhelmed with work
By Anthony Brino 07:59 am February 13, 2015
The threat from hackers affects all business, but healthcare providers face the additional threat of fines for failure to comply with HIPAA regulations. These fines are no mere speeding ticket.
By Erin McCann 11:04 am February 12, 2015
One takeaway from the ICD-10 hearing on Capitol Hill this Wednesday? The majority of healthcare stakeholders called on federal lawmakers to issue no more delays for the code set implementation start date, which is set for Oct. 1.
Laptop with padlock
By Erin McCann 10:57 am February 10, 2015
Some 45,000 people are getting HIPAA breach notification letters after a mental health provider failed to encrypt laptops containing medical data and Social Security numbers.
By Erin McCann 10:55 am December 09, 2014
A five-facility mental health organization in Alaska has agreed to pay up and shape up its HIPAA compliance program after a Department of Health and Human Services investigation found the group failed to appropriately safeguard patient data.
University Hospitals
By Erin McCann 10:51 am December 02, 2014
Your organization can have the most well-crafted privacy and security policies in the world. But if those policies are accompanied by lukewarm emphasis and no accountability, or your staff just downright ignores them, you have a big security problem -- just like the folks at one Ohio-based health system did last week.
By Erin McCann 11:08 am November 06, 2014
The EHR audits are coming. The Office of the Inspector General will continue to pay closer attention to the healthcare industry's use of electronic health records -- in particular HIPAA security, EHR incentive payments and fraud, according to the office's recently released 2015 work plan.
It pays to be ready when it comes to HIPAA compliance audits.
By Tom Sullivan 04:03 pm September 10, 2014
When the Office for Civil Rights knocks on your door, asking about HIPAA compliance, it pays to be ready. And OCR is looking to audit providers ranging from large to small, and across a wide geographical distribution.