October 21, 2014

Free Webinar Supports How Good Policies and Procedure Form Foundation of Strong Compliance Programs

Risk mitigation is a major challenge and, at the same time, an opportunity for risk management and business continuity planning activities. When it comes to events such as the HHS’ formal HIPAA Audit Program, as mandated by the HITECH Act, it is becoming more and more clear that an auditor’s first impressions and subsequent on-site visits, reviews and audits will be impacted by the content of the audited organization’s Policies and Procedures. How good are your organization’s policies and procedures? Policies set the stage and serve as an organization’s foundation and initial roadmap … [Read more...]

Risk Management Required for Top HR-Related Organizational Concerns

Photo courtesy of employeeleasingquotes.com

Areas of risk for many organizations often come from departments of that organization being overlooked for the true risk potential hidden in the day-to-day operations of that department.  Business continuity planners and risk management team members need to always be aware of and plan for controlling those risks.  Such is the case for the posting below which brings our attention to some top HR compliant concerns for risk and threat potential to those SMB's..... Assumption:  Unlike their large enterprise company counterparts, small and mid-sized companies (SMB’s) too often do not have the … [Read more...]

HIPAA Security Rule Toolkit — Free Offering from NIST

Photo courtesy of fbmc.com

In a response to some of our reader’s questions and comment concerning the HIPAA Security Rule(s), our staff search activities recently came across a new tool offered by the National Institute of Standards and Technology’s (NIST) Information Technology Laboratory.  This “NIST HIPAA SECURITY TOOLKIT” is an easy to learn and easy to use resource intended to help organizations better understand the requirements of the HIPAA Security Rule(s), implement those requirements, and asses those implementations in their own organization’s operational environment. According to information received on … [Read more...]

HIPAA Privacy Violation Fines: A Potential Factor for Risk Management Strategy Planning

In an effort to not lose focus on the seriousness of compliance requirements regarding HIPAA, we point our readers to a recent article written by Howard Anderson, Executive Editor, of and posted on the HealthcareInfoSecurity.com website.  In this posting we are told that for the first time, federal officials have fined a healthcare organization for violations of the HIPAA privacy rule. Cignet Health of Prince George's County, Md., was fined $4.3 million for the violations that involved failing to provide 41 patients with access to their medical records and then failing to cooperate with … [Read more...]

Emergency preparedness: Compliance is only a partial solution.

In a recent article written by Francis J. D’Addario, posted on the SecurityInfoWatch.com website, and entitled “Emergency Preparedness: Compliance, Care and the Long View”, we are given an interesting view into the logic and market driven dynamics of how to improve levels of emergency preparedness and resiliency for organizations, individuals, and communities. Bottom line is that effective risk mitigation requires investments of time, money and mindshare, and as Mr. D’Addario states, “….we must assess our current capabilities and close the gap on the people, process and technology resources … [Read more...]