HIPAA Compliance Blog

avatar A Different Type of HIPAA Risk Analysis: HIPAA & HITECH Act Blog by Jonathan P. Tomes

Long-time readers of my blog are probably sick of my preaching the importance of a HIPAA risk analysis in HIPAA compliance. And I’m not going .. read more

avatar DHHS Issues New Guidance on HIPAA and Individual Authorization of Uses and Disclosures of PHI for Research: HIPAA & HITECH Act Blog by Jonathan P. Tomes

The U.S. Department of Health and Human Services (“DHHS”) Office for Civil Rights (“OCR”) has issued new guidance for HIPAA-covered entities to streamline HIPAA authorizations .. read more

avatar DHHS Issues Reminder to Address Physical Security, Particularly Workstation Security: HIPAA & HITECH Act Blog by Jonathan P. Tomes

In May 2018, the U.S. Department of Health and Human Services (“DHHS”) Office for Civil Rights (“OCR”) issued its Cybersecurity Newsletter, “Workstation Security: Don’t Forget .. read more

avatar Colorado Enacts a New Consumer Data Privacy Protection Law: HIPAA & HITECH Act Blog by Jonathan P. Tomes

The Colorado governor signed into law HB 1128, a new consumer data privacy protection law, which is intended to protect personal identifying information (“PII”). Effective .. read more

avatar A Court Order Isn’t Necessarily a Court Order. What is necessary and sufficient? HIPAA &HITECH Act Blog by Jonathan P. Tomes

HIPAA is hard to understand, even for lawyers. One of the hardest HIPAA concepts to understand and apply is the difference between necessary and sufficient .. read more

seo by: k.c. seo