Posts

OCR Cybersecurity Training Online
, , , ,

OCR Training Video

Are You Tired of Hearing It? Just SHUT UP ALREADY - I know some of you are thinking that. We've been going on and on about the importance of cybersecurity training, and I know more than a few of you are getting tired of it. So what do we do…
NIST Cybersecurity
, , , ,

New HIPAA guidance is on the way, here’s the good and the bad.

New HIPAA Guidance Years ago, at a HIPAA conference in DC hosted by NIST, they announced an update to 800-66 would be coming. Almost 10 years later, we now have a draft copy of this paper - 800-66r1. Why is this significant? 800-66 was the…
, , , , ,

OCR announces 11 more HIPAA ROA violations

Eleven more fines, are you next? OCR recently announced that 11 more entities were fined for failing to provide timely access to patient records following a patient complaint. This list included mental health practitioners, dentists, and more.…
HIPAA Breach Notification

HIPAA Breaches Running at Record Rate

HIPAA Breaches and You In the past 12 months, we've averaged over 3.3 million breached healthcare records per month. Aside from the breach of confidentiality this represents, the information in those records is used for financial fraud,…
Strong password

Hey, what’s your password? The Dark Web knows

Creating Better Passwords To make passwords "strong," they must be both unique and lengthy (at least 12 characters). Generally, people are pretty bad at creating passwords that fit either category (much less both). You could let a computer…
HIPAA violations
, , ,

HIPAA Fines Show How You Are Failing

HIPAA violations are on the rise. Although we didn't hear too much about breach-related HIPAA violations during the pandemic, incidents were occurring, and the violations are now being pursued and published. The result is a steady stream of…
OCR HIPAA Cybersecurity
, , ,

OCR is soliciting feedback on pending changes

OCR is making HIPAA changes, are you ready? Earlier today the Office for Civil Rights (OCR) issued a Request For Information to its constituents (that's us) soliciting feedback for potential changes in two areas. The first area relates to cybersecurity,…