Archive for the ‘Uncategorized’ Category

Obama’s new cybersecurity plan a good start

I recently authored an article for the Daily Journal on the new cybersecurity framework.  You can read about it by visiting the Daily Journal.  

The Ramifications of a Security Breach

New Study Finds that Two Thirds of U.S. Adults Would Not Return to a Business Where Their Personal Information was Stolen. From hackers to stolen laptops, security breaches have been on the rise.  While most businesses are aware of the dangers associated with potential security breaches, few truly understand the full ramifications.  Calculating the time […]

HIPAA TOOLBOX: 13 STEPS FOR A HEALTHY CHECKUP

HEALTH PLAN PAYS FOR FAILING TO ERASE DATA ON LEASED EQUIPMENT: TWO TAKEAWAYS FOR COMPANIES HANDLING ELECTRONIC PHI

Health Care Alert: Health plan pays for failing to erase data: 2 takeaways for companies handling electronic PHI By Marcia Augsburger, M. Scott Koller and Tiffani V. Williams The Office for Civil Rights (OCR) has announced a settlement between the US Department of Health and Human Services and Affinity Health Plan, Inc. to address potential […]

World’s Biggest Data Breaches – Visualized

Check out this website which visualizes the world’s biggest data breaches. Source: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

WELLPOINT AGREES TO PAY $1.7M IN HIPAA PENALTIES: WHAT THIS TELLS YOU

By Marcia Augsburger, Tiffani Williams and Jim Halpert The Department of Health and Human Services Office for Civil Rights has announced that WellPoint, Inc. has agreed to pay $1.7 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). If you are a covered entity or business associate under HIPAA, this settlement underscores […]

NIST releases 4th version of security control catalog SP 800-53

The National Institute of Standards and Technology released April 30 a revised version of its security control catalog for federal systems, SP 800-53. The revision (.pdf), the fourth version of the security controls catalog, also includes for the first time an appendix of privacy controls. Changes to the security controls include a new emphasis on secure software […]

HIPAA Omnibus Final Rule Released

This afternoon, HHS released the attached omnibus final rule modifying the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules as required the Health Information Technology Economic and Clinical Health (HITECH) Act and the Genetic Information Nondiscrimination Act (GINA). Notably, the final rule makes business associates of covered entities directly liable for certain HIPAA Privacy and […]

OCR Issues Guidance on the Use of De-Identified Health Information

Covered Entities and HIPAA practitioners should be aware that the Office of Civil Rights (OCR) has issued guidance about methods and approaches to achieve de-identification in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule. The full text is available here: http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/De-identification/guidance.html

California Issues App Developer Noncompliance Notice

California Attorney General Kamala Harris has reportedly sent out notices warning as many as 100 mobile app developers that they must conspicuously post privacy policies within the next 30 days to be in compliance with the California Online Privacy Protection Act, Bloomberg reports. The new state protocol requires mobile applications that collect personal data within the […]

Subscribe to RSS Feed