Last week Amazon unveiled their newest innovation in their push towards entering the healthcare industry with new Alexa Healthcare Skills. Essentially, they announced that specific healthcare entities can create new Alexa healthcare skills, subject to HIPAA.
When HIPAA was enacted on August 21, 1996, it turned the entire healthcare industry on its head. More than 20 years later, many healthcare organizations still struggle to stay on top of everything this government regulation entails. So what are some of the most common HIPAA violations?
All organizations need well-managed policies and procedures. Your policies and procedures are the first line of defense against risk, and they help your organization run smoothly. Is your policy management process effective? Is it up-to-date? Now is a good time to review your policy management process. We've created a three-part webinar series to help you.
Protecting ePHI, or electronic Protected Health Information, should be a top priority for your organization, or you'll soon face huge fines from government entities. Recently, 21st Century Oncology, Inc. (21CO) agreed to pay $2.3 million to the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) and adopt a comprehensive corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules.
Malware is malicious software coded with the intent of causing harm to a user, system, or network. Although malware is nothing new, the rate at which it continues to evolve into new, invisible forms of threats should raise the alarm for many businesses. It's important that your organization's staff understands the threat that malware poses and the difference between each form of malware.
Since it was enacted in 1996 by the United States government, the Health Insurance Portability and Accountability Act has enforced strict penalties for organizations that fail to provide data privacy and provisions for safeguarding medical information. More specifically, it demands that the U.S. Department of Health and Human Services (HHS) create regulations that protect both the security and privacy of health information.
The Federal Trade Commission (FTC) issued a policy enforcement statement on October 23rd, 2017 that provides new direction on the application of the Children's Online Privacy Protection Rule ("COPPA"). Specifically, the statement updates how the rule applies to the collection of audio voice recordings online. COPPA compliance applies to operators of online services that are either directed to children under 13 years of age or know they are collecting personal information from children under the age of 13.
Maintaining compliance in every facet of your organization isn't easy. It's especially hard for smaller organizations and start-ups that simply don't have enough revenue to afford a compliance officer. However, the costs of being out of compliance can be far greater and bring more lasting consequences for companies. Below we've outlined some of the biggest costs associated with non-compliance.
Your organization has until December 31, 2017 to implement NIST SP 800-171 if you have contracts with the United States Department of Defense (DoD) or are a subcontractor to a prime contractor with DoD contracts. This requirement is stipulated in the Defense Federal Acquisition Regulation Supplement (DFARS).