For those in healthcare. By those in healthcare.
facebook
LinkedIn
twitter

Comply Assistant’s Blog

spokwise

October 14, 2016

Have you tested your breach incident response process?

By Gerry Blass

Adding a cybersecurity tactical simulation test to an overall information security risk assessment is a must in today’s world. It is a sure bet that attacks and breaches will continue to occur and so the need for functional assessments, mitigation, awareness and response are key to protecting your organizations confidential information.

Read more


 

August 25, 2016

How to avoid HIPAA penalties based on some of the largest!

By Gerry Blass

Reviewing some of the largest fines can help healthcare organizations learn how to avoid them should an incident occur. Many experts say that it isn’t IF an incident will occur, it’s WHEN. Here is a sample list of how to be ready for an OCR audit due to either an incident or routine phase two audit protocols:

  • Be a functional organization by properly funding your information security program
  • Empower your Chief Information Security Officer (CISO)
  • Conduct periodic risk assessments (HIPAA rules, OCR Phase 2 protocols, NIST (including Cybersecurity framework), PCI, Intrusion vulnerabilty scanning,  external penetration testing, phishing exercises, etc)
  • Implement and maintain operational policies, procedures and plans (e.g facility security plans, etc)
  • Educate the workforce on a periodic general basis and focused as needed
  • Implement a process to assess  third party business associates for information security risk and contracts
  • Mitigate known risk in the order of highest to lowest
  • Protect vulnerable PHI in transit and at rest
  • Be prepared for an OCR audit, now based on phase 2 protocols
  • Be prepared to respond to an incident

Read more


 

August 5, 2016

Third party (BA) contract and privacy and security risk management

By Gerry Blass

The HITECH-OMNIBUS final rule stepped up the requirements and for both CEs and BAs and both must now include the new requirements in their information privacy and security risk analysis and management program.

Read more


ComplyAssistant, cybersecurity, data breach, HIPAA

Pages:

Social

Please follow and ‘Like’ us
RSS
Follow by Email
Facebook
Google+
Twitter
©2019 HIT Leaders and News LLC. All rights reserved.
%d bloggers like this: