ONC Publishes Version 2.0 of its Security Risk Assessment Tool

October 20, 2016. The Office of the National Coordinator for Health Information Technology (ONC) of the U.S. Department of Health and Human Services (HHS), in collaboration with the HHS Office for Civil Rights (OCR) and the HHS Office of the General Counsel (OGC), published in September 2016 Version 2.0 of its interactive Security Risk Assessment Tool in a Windows version and in an iPad version for download, and accompanying PDF version of its Security Risk Assessment (SRA) Tool User Guide.

OCR Settles HIPAA Security Risk Violations with St. Joseph Health Integrated Health Care Delivery System for $2.14 Million

October 19, 2016. On October 18, 2016, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) announced in a news release entitled: $2.14 million HIPAA settlement underscores importance of managing security risk, that St. Joseph Health (SJH), a nonprofit integrated Catholic health care delivery system throughout California and in parts of Texas and New Mexico, settled HIPAA Security Rule violations for $2,140,500 and agreed to a corrective action plan.

NIST Builds Enhances Its Cybersecurity Resources with Release of Baldridge Cybersecurity Excellence Builder

October 18, 2018. On September 15, 2016, the National Institute of Standards and Technology (NIST) released a draft of the Baldridge Cybersecurity Excellence Builder, “a self-assessment tool to help organizations better understand the effectiveness of their cybersecurity risk management efforts, [and that] blends the best of two globally recognized and widely used NIST resources: the organizational performance evaluation strategies from the Baldridge Performance Excellence Program and the risk management mechanisms of the Cybersecurity Framework.”

ONC’s Guidance on Mobile Device Safeguards for ePHI Requires a Careful Look and Implementation

October 17, 2016. In the previous post on the Office for Civil Rights (OCR) recently released Guidance on HIPAA & Cloud Computing, Question #7 was: “Do the HIPAA Rules allow health care providers to use mobile devices to access ePHI in a cloud?”

OCR Releases HIPAA Privacy, Security, and Breach Notification Guidance on Cloud Computing

On October 6, 2016, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) released a document entitled: Guidance on HIPAA & Cloud Computing.

OCR Settles HIPAA Violations with Business Associate of Affiliated Covered Entity for $400,000

On September 23, 2016, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) announced, in a news release entitled: HIPAA settlement illustrates the importance of reviewing and updating, as necessary, business associate agreements,

Categories



Archives

  • October 2017 (1)
  • August 2017 (3)
  • July 2017 (1)
  • June 2017 (7)
  • May 2017 (12)
  • April 2017 (10)
  • March 2017 (2)
  • February 2017 (3)
  • January 2017 (4)
  • December 2016 (4)
  • November 2016 (7)
  • October 2016 (7)
  • September 2016 (2)
  • August 2016 (1)
  • July 2016 (3)
  • June 2016 (1)
  • May 2016 (1)
  • April 2016 (8)
  • March 2016 (6)
  • February 2016 (2)
  • December 2015 (1)
  • November 2015 (1)
  • October 2015 (4)
  • September 2015 (1)
  • June 2015 (8)
  • May 2015 (3)
  • April 2015 (2)
  • March 2015 (1)
  • November 2014 (1)
  • September 2014 (15)
  • August 2014 (6)
  • July 2014 (1)
  • June 2014 (13)
  • May 2014 (11)
  • April 2014 (13)
  • March 2014 (6)
  • February 2014 (12)
  • January 2014 (3)
  • December 2013 (1)