ALERT: OCR is Phished!
The Office for Civil Rights (OCR) announced on Monday, November 28, 2016, that is was a victim of a sneaky...
Protecting Email
The Internet has now been around for 40 years, with email as a core application. The Internet is used in...
OCR: HIPAA and Cloud Services
In early October 2016, the Office for Civil Rights (OCR) published an extensive guidance document on Cloud Computing that takes...
Ransomware – What is it? What has it got to do with HIPAA?
The Office for Civil Rights (OCR) guidance: “FACT SHEET: Ransomware and HIPAA”[1] defines ransomware as: “Ransomware is a type of...
OCR Current Round of Audits
The Office of Civil Rights' (OCR) second round of audits began on Monday, July 11, 2016, when selected covered entities...
Cybersecurity Insurance – What Is It? How Does It Work?
Cybersecurity insurance is an insurance policy that is designed to help with the losses from a variety of cyber incidents,...
OCR and Business Associates
OCR’s interest in Business Associates is not new but they are much more active in this area lately. For example,...
HIPAA Security Rule Risk Analysis/Assessment + OCR Audit Protocols
The HIPAA Security Rule at 45 CFR 164.308(a)(1)(ii)(A) Risk Analysis requires a covered entity or business associate to “Conduct an...
OCR’s Phase 2 Proactive HIPAA Audits
Phase 2 of the proactive HIPAA Audits mandated by the HITECH Act of 2009 began in earnest in March 2016,...
ALPHABET SOUP and HIPAA Compliance
As you may know, there are more than a few federal agencies that impact HIPAA and its compliance. Two or...
Latest HIPAA Final Rule
Hello HIPAA Gang! Do you remember the HIPPOs everyone gave out when HIPAA was brand new? Well, Mama Hippo...