risk analysis Archives - Veterans Press, Inc.

Security Breaches Aren’t the Only Compliance Risks! So Are Privacy Rights Violations: HIPAA & HITECH Act Blog by Jonathan P. Tomes

A recent announcement by the Dental Board of California has reinforced the notion that having a breach of security, such as a hacker’s gaining access .. read more

On April 23rd, 2019, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach, HHS, HIPAA civil money penalties, HIPAA right of access, HIPAA training, HIPAA violation, HITECH, Jonathan P. Tomes, Notice of Privacy Practices, OCR, Office for Civil Rights, privacy rights violations, Privacy Rule, risk analysis

Lack of Business Associate Agreement Costs $500,000! HIPAA & HITECH Act Blog by Jonathan P. Tomes

Advanced Care Hospitalists PL (“ACH”) recently settled a Department of Health and Human Services (“DHHS”) Office for Civil Rights (“OCR”) enforcement action for $500,000 for .. read more

On March 31st, 2019, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach, breach notification, business associate, business associate agreement, data breach, EHR, HHS, HIPAA, HIPAA civil money penalties, HIPAA compliance, HIPAA policies, HIPAA violation, HITECH, HITECH Act, Jonathan P. Tomes, lack of business associate agreement, OCR investigation, Office for Civil Rights, PHI, Privacy Rule, risk analysis, Security Rule

20 Plus Years of HIPAA and What Have We Got?: HIPAA & HITECH Act Blog by Jonathan P. Tomes with Guest Commentator Alice M. McCart, J.D.

The Quinnipiac Health Law Journal, vol. 22, no. 1 (2018), of Quinnipiac School of Law, just published Jon’s most recent scholarly article. This article is .. read more

On December 20th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, compliance, HIPAA, HIPAA policies, HIPAA seminar, HIPAA training, HITECH, HITECH Act, Jonathan P. Tomes, risk analysis

DHHS OIG Finds Deficiencies in FDA Policies and Procedures to Address Cybersecurity Risk in Postmarket Medical Devices: HIPAA & HITECH Act Blog by Jonathan P. Tomes

As a follow-on to the previous three blog posts addressing the mIoT—that is, the medical Internet of Things―an Office of the Inspector General (“OIG”) audit .. read more

On December 2nd, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, audit, business associate, compliance, cybersecurity, FDA, HHS, HHS audit, HIPAA, HIPAA compliance, HIPAA policies, HITECH, identity theft, IoT, Jonathan P. Tomes, mIoT, OIG, Privacy Rule, risk analysis, Security Rule

Reducing mIoT Risks: HIPAA & HITECH Act Blog by Jonathan P. Tomes

In two recent blogs, we have discussed how the Internet of Things (“IoT”) has become the mIoT—that is, the medical Internet of Things―and what this .. read more

On November 25th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: audit, compliance, data breach, EHR, emr, encryption, EPHI, HHS, HHS audit, HIPAA, HIPAA compliance, HIPAA policies, HIPAA training, HITECH, Jonathan P. Tomes, mIoT, Privacy Rule, reducing mIoT risks, risk analysis, Security Rule

More about Medical Internet of Things (“MIoT”) Risks: HIPAA & HITECH Act Blog by Jonathan P. Tomes

In my previous blog post, I discussed the need to evaluate the risks of the Internet of Things (“IoT”) for HIPAA compliance generally. In this .. read more

On November 18th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, compliance, HHS, HIPAA, HIPAA compliance, HIPAA policies, HIPAA training, HITECH, Jonathan P. Tomes, Medical Internet of Things ("MIoT"), risk analysis

Risk and the Internet of Things (“IoT”): HIPAA & HITECH Act Blog by Jonathan P. Tomes

The Internet of Things (“IoT”) is a concept that is becoming more and more important in HIPAA compliance. The Internet of Things generally is the .. read more

On November 13th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach, compliance, HIPAA, HIPAA compliance, HIPAA policies, HIPAA violation, HITECH, Internet of Things ("IoT"), Jonathan P. Tomes, OCR, Office for Civil Rights, PHI, Privacy Rule, risk analysis, Security Rule

How Does a $16 Million HIPAA Violation Settlement Grab You? HIPAA & HITECH Act Blog by Jonathan P. Tomes

The Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) has announced the biggest HIPAA violation settlement yet—that is, $16 million, smashing .. read more

On October 28th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach, breach notification, compliance, data breach, HHS, HIPAA, HIPAA civil money penalties, HIPAA compliance, HIPAA policies, HIPAA training, HIPAA violation, HIPAA violation settlement, HITECH, HITECH Act, identity theft, Jonathan P. Tomes, OCR, risk analysis, Security Rule

HIPAA and NIST: What’s the Connection? HIPAA & HITECH Act Blog by Jonathan P. Tomes

The National Institute for Standards and Technology [“NIST”] first became involved with HIPAA when it published “An Introductory Resource Guide for Implementing the Health Insurance .. read more

On October 14th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, business associate, compliance, data breach, EHR, encryption, EPHI, HHS, HIPAA compliance, HITECH, Jonathan P. Tomes, NIST, NIST Cybersecurity Framework, PHI, Privacy Rule, risk analysis, Security Rule

Another State Fine for a HIPAA Security Breach: HIPAA & HITECH Act Blog by Jonathan P. Tomes

As we’ve previously noted in this blog, the Office for Civil Rights (“OCR”) of the Department of Health and Human Services (“DHHS”), the Federal Trade .. read more

On September 12th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach notification, compliance, criminal conviction, criminal HIPAA violation, data breach, EHR, EPHI, HHS, HHS audit, HIPAA, HIPAA civil money penalties, HIPAA compliance, HIPAA policies, HIPAA training, HITECH, HITECH Act, Jonathan P. Tomes, OCR, PHI, risk analysis, Security Rule, state fine for HIPAA security breach