Notice the title doesn’t say HIPAA Security and Privacy. Nor does it have any of the words – HITECH, Omnibus Rule, Meaningful Use etc. That is the point of this post. Let …
HITECH
Do we have a wake-up call in the OIG HHS Report on HIPAA Security Rule Compliance & Enforcement?
If you didn’t notice already, the Office of Inspector General (OIG) in the Department of Health and Human Services (HHS) published a report on the oversight by the Center for …
Providers Is HIPAA Security Risk Analysis in your plan over the next few months?
Security Risk Analysis is something that we recommend all organizations conduct periodically or before a significant process or technology change. After all, threats, vulnerabilities and impact (three components of risk, …
You don’t know what you don’t know Do we have a “detection” problem with the healthcare data breach numbers?
Like some of you perhaps, I have been reading a few recent articles on Healthcare data breaches, especially the one from Dark Reading and a detailed analysis of the 2010-to-date …
Proposed updates to HIPAA Security and Privacy Rules What is new?
It was good to see the Office of Civil Rights (OCR) publish the long awaited proposed updates to HIPAA Security and Privacy Rules Thursday last week. Note that OCR is …
Logging for Effective SIEM and PCI DSS Compliance …. UNIX, Network Devices and Databases
In one of my previous blogs, I covered the importance of logging the “right” events for an effective Log Management or Security Information and Event Management (SIEM) deployment … see …
Identity Theft Red Flags Rule – Is the 06/01/10 deadline looking good?
Frankly, I have lost count of how many times FTC has moved the deadline already (see my related post from 2009). This time, however, I think the deadline is too …