Jan 13, 2012
New HIPAA Security Audits - What are your chances of being selected?
See entire article on link (More) HHS Audits the 1% … and the Rest: First HIPAA Privacy and Security Audits Begin *** HHS divided the covered entity population into four levels and various types of covered entities. Level 1 Entities Large providers/payors with more than $1 billion in revenue and/or assets Level 2 Entities Large regional hospital systems/Regional payor with between $300 million and $1 billion in revenue and/or assets Level 3 Entities Community hospitals, ambulatory surgery centers, regional pharmacies (with between $50 million and $300 million in revenue and/or assets) and self-insured entities that do not adjudicate their claims Level 4 Entities Small providers and community pharmacies with less than $50 million in revenue and/or assets
Dec 27, 2011
InSPN's November 2011 Meeting
Quarterly Meeting In Review Our November meeting had a record high of 75 attendees. Many thanks to our speakers & panel participants for their outstanding presentations. Featured Speakers: Lige Hensley, Chief Technology Officer, Ivy Tech Jeff Short , Attorney, Hall Render Killian Heath & Lyman Bob Sipes, InfraGard Panelists:(Healthcare CIOs from roundtable session:) • TJ Houske, IT Infrastructure and Chief Security Officer, OrthoIndy and Indiana Orthopaedic Hospital • Jim Boyer, Chief Information Officer, Rush Memorial Hospital • Michael Mover, Chief Information Officer, Riverview Hospital Visit our website and resources for copies of presentations. We also appreciate our Technology Fair Vendors: Hall Render Killian Heath & Lyman Sterlyn Associates RPM Technologies PONdurance LightBound FishNet Security Crowe Horwath InSPN wishes to thank all it's members and supporters for another great year!
Nov 11, 2011
OCR provides information about HIPAA Privacy & Security Audit Program
OVERVIEW: The American Recovery and Reinvestment Act of 2009, in Section 13411 of the HITECH Act, requires HHS to provide for periodic audits to ensure covered entities and business associates are complying with the HIPAA Privacy and Security Rules and Breach Notification standards. To implement this mandate, OCR is piloting a program to perform up to 150 audits of covered entities to assess privacy and security compliance. Audits conducted during the pilot phase will begin November 2011 and conclude by December 2012. PROGRAM OBJECTIVES: The audit program serves as a new part of OCR’s health information privacy and security compliance program. OCR will use the audit program to assess HIPAA compliance efforts by a range of covered entities, Audits present a new opportunity to examine mechanisms for compliance, identify best practices and discover risks and vulnerabilities that may not have come to light through OCR’s ongoing complaint investigations and compliance reviews. OCR will broadly share best practices gleaned through the audit process and guidance targeted to observed compliance challenges via this web site and other outreach portals.
Oct 14, 2011
OIG releases HIPAA compliance target areas
OIG releases HIPAA compliance target areas By Dom Nicastro The Department of Health and Human Services (HHS) Office of Inspector General (OIG) plans to focus on HIPAA compliance reviews of security controls in Medicaid programs and federal oversight of two key HIPAA regulations as part of its Fiscal Year 2012 Work Plan. The OIG released its annual Work Plan October 5. The OIG cited four HIPAA target areas it will review in the next 12 months: (1) States’ data security requirements under business associate agreements (2) Medicaid security controls over state web-based applications (3)OCR oversight of the HIPAA Privacy Rule (4)OCR oversight of the HITECH breach notification rule
Oct 12, 2011
Social Media Evolution in Healthcare: Drivers and Restraints
InSPN cordially invites you to attend a combined IAPP KnowledgeNet and Privacy After Hours Event: Social Media Evolution in Healthcare: Drivers and Restraints Followed by a cocktail reception