HIPAA Fines Do Not Only Apply to Covered Entities
Schellman Principal Doug Kanney highlights the importance of HIPAA compliance for Business Associates, whose handling of lucrative data makes them prime cyberhacking targets.
HIPAA Security Rule Risk Analysis: ONC/OCR SRA Tool
Schellman Principal Doug Kanney provides an overview of the ONC/OCR SRA tool which by design helps organizations navigate the HIPAA risk analysis process.
What Scoring is Required to Obtain HITRUST Certification?
Oftentimes, organizations that are just starting their HITRUST journey will ask what they need to score in order to be HITRUST certified and just how that scoring process works.
Newly Issued Fact Sheet on Direct Liability of Business Associates under HIPAA
On May 24th, The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a fact sheet on direct liability of Business Associates under HIPAA. For reference,...
What is Considered PHI or ePHI?
The question of what is considered Protected Health Information (PHI) / Electronic Protected Health Information (ePHI) seems like it should be very simple to answer. Unfortunately,...