October 20, 2016. The Office of the National Coordinator for Health Information Technology (ONC) of the U.S. Department of Health and Human Services (HHS), in collaboration with the HHS Office for Civil Rights (OCR) and the HHS Office of the General Counsel (OGC), published in September 2016 Version 2.0 of its interactive Security Risk Assessment Tool in a Windows version and in an iPad version for download, and accompanying PDF version of its Security Risk Assessment (SRA) Tool User Guide.
October 19, 2016. On October 18, 2016, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) announced in a news release entitled: $2.14 million HIPAA settlement underscores importance of managing security risk, that St. Joseph Health (SJH), a nonprofit integrated Catholic health care delivery system throughout California and in parts of Texas and New Mexico, settled HIPAA Security Rule violations for $2,140,500 and agreed to a corrective action plan.
October 18, 2018. On September 15, 2016, the National Institute of Standards and Technology (NIST) released a draft of the Baldridge Cybersecurity Excellence Builder, “a self-assessment tool to help organizations better understand the effectiveness of their cybersecurity risk management efforts, [and that] blends the best of two globally recognized and widely used NIST resources: the organizational performance evaluation strategies from the Baldridge Performance Excellence Program and the risk management mechanisms of the Cybersecurity Framework.”
October 17, 2016. In the previous post on the Office for Civil Rights (OCR) recently released Guidance on HIPAA & Cloud Computing, Question #7 was: “Do the HIPAA Rules allow health care providers to use mobile devices to access ePHI in a cloud?”
On October 6, 2016, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) released a document entitled: Guidance on HIPAA & Cloud Computing.
On September 23, 2016, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) announced, in a news release entitled: HIPAA settlement illustrates the importance of reviewing and updating, as necessary, business associate agreements,
In February 2014, in response to President Obama’s Executive Order 13636, The National Institute of Standards and Technology (NIST) published the Framework for Improving Critical Infrastructure Cybersecurity.