From the HHS site “Dr. Robert Glaser, a cardiovascular disease and internal medicine doctor in New Hyde Park, NY, did not cooperate with OCR’s investigation or respond to OCR’s data requests after failing to provide a patient with a copy of their medical record. Dr. Glaser waived his right to a hearing and did not …
From the HHS site “Rainrock Treatment Center, LLC dba Monte Nido Rainrock (“Monte Nido”), a licensed provider of residential eating disorder treatment services in Eugene, OR, has taken corrective actions including one year of monitoring and has paid OCR $160,000 to settle a potential violation of the HIPAA Privacy Rule’s right of access standard.” Resolution …
From the HHS site “Denver Retina Center, a provider of ophthalmological services in Denver, CO, has agreed to take corrective actions that includes one year of monitoring and has paid OCR $30,000 to settle a potential violation of the HIPAA Privacy Rule’s right of access standard;” RESOLUTION AGREEMENT
From the HHS site “Advanced Spine & Pain Management (ASPM), which provides management and treatment of chronic pain services in Cincinnati and Springboro, Ohio, has agreed to take corrective actions that include two years of monitoring, and has paid OCR $32,150 to settle a potential violation of the HIPAA Privacy Rule’s right of access standard;” …
The major upheavals of the last couple of decades, such as the global recession and the COVID-19 pandemic, have demonstrated that firms will suffer severe setbacks if their supply chains are not resilient. An entire supply chain becomes vulnerable if one component is exposed to risk, just like a house of cards will topple if …
A security incident can topple an organization’s reputation and revenue in a short amount of time. As billionaire Warren Buffet once said, “it takes 20 years to develop a reputation and five minutes to ruin it.” Keeping that in mind, it’s ideal to have an incident response plan in place before a security breach occurs. …
From the HHS site “The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services announces the resolution of its twentieth investigation in its HIPAA Right of Access Initiative. OCR created this initiative to support individuals’ right to timely access their health records at a reasonable cost under the HIPAA Privacy …
A compliance program aims at protecting an organization from risk. The purpose of corporate compliance programs is to ensure that a business complies with laws or regulations relevant to it. You could consider a Compliance Program to be a form of internal insurance policy to create evidence of conformity with regulations and instill a culture …
Read more “8 Elements of a Business Impact Analysis (BIA) for Compliance”
As the name signifies, a BIA quantifies the impact of a cyber disruption on your business. It doesn’t matter if the disruption happens because of an internet outage or a severe breach — a BIA covers it all. A business impact analysis lays the foundation for a strong business continuity and disaster recovery (BCDR) strategy …
Read more “The Importance of Business Impact Analysis (BIA)”
Being a business owner is challenging. You have to deal with multiple problems at once and effectively solve each of those. You also need to have the foresight to arm your business with the right tools and solutions to deal with any issues that might arise later. One such issue that you must always focus …
Read more “Why to Adopt a Comprehensive Backup and BCDR Strategy”