Doug Kanney

Doug Kanney is a Principal at Schellman & Company. Doug leads the HITRUST and HIPAA service lines and assists with methodology and service delivery across the SOC, PCI-DSS, and ISO service lines. Doug has more than 15 years of combined audit experience in public accounting. Doug has provided professional services for multiple Global 1000, Fortune 500, and regional companies during the course of his career.

  • HIPAA Fines Do Not Only Apply to Covered Entities

    HIPAA Fines Do Not Only Apply to Covered Entities

    Schellman Principal Doug Kanney highlights the importance of HIPAA compliance for Business Associates, whose handling of lucrative data makes them prime cyberhacking targets.

    Read Article
  • HIPAA Security Rule Risk Analysis: ONC/OCR SRA Tool

    HIPAA Security Rule Risk Analysis: ONC/OCR SRA Tool

    Schellman Principal Doug Kanney provides an overview of the ONC/OCR SRA tool which by design helps organizations navigate the HIPAA risk analysis process.

    Read Article
  • What Scoring is Required to Obtain HITRUST Certification?

    What Scoring is Required to Obtain HITRUST Certification?

    Oftentimes, organizations that are just starting their HITRUST journey will ask what they need to score in order to be HITRUST certified and just how that scoring process works.

    Read Article
  • Newly Issued Fact Sheet on Direct Liability of Business Associates under HIPAA

    Newly Issued Fact Sheet on Direct Liability of Business Associates under HIPAA

    On May 24th, The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a fact sheet on direct liability of Business Associates under HIPAA. For reference,...

    Read Article
  • What is Considered PHI or ePHI?

    What is Considered PHI or ePHI?

    The question of what is considered Protected Health Information (PHI) / Electronic Protected Health Information (ePHI) seems like it should be very simple to answer.  Unfortunately,...

    Read Article
  • loading
    Loading More...