Assessment strategy for security and privacy preparedness
The potential for health plan privacy and security data breaches is substantial. Implementation varies widely within the sector. Adequate data protection and security are priorities for health plans. A basic approach to assessing an organization’s current preparedness requires consideration in three key areas. Risk Management: E Com Security Solutions Identify and [...]
HIPAA Compliance for Medical Software Applications
Medical Software Application including mobile, web, IoT and back-end applications that process Protected Health Information (often abbreviated to PHI, or ePHI when it is stored or transmitted electronically) are required to comply with HIPAA requirements. Examples of these applications include eHealth or mHealth app that collects personal data about the [...]
Overview of HIPAA Privacy and Security Rule
The Health Insurance Portability and Accountability Act (HIPAA) Omnibus Final Rule, effective March 26, 2013, greatly expands privacy and security standards, compliance actions, breach notification steps, and penalties. The new regulations allow for fines of more than $1 million for health record breaches. The potential for data breaches is significant [...]
Covered Entities and Business Associates under HIPAA Compliance
The Department of Health and Human Services (HHS) has issued the HIPAA Omnibus Final Rule in January 2013. The rule’s security and privacy implications lie in its strengthening of regulatory protections for patient information and increasing fines for HIPAA violations. HHS has taken a series of steps to strengthen patient [...]
Benefits and Applicability of SOC 2 Reports
Third party organisations that successfully complete a SOC 2 audit can offer their clients reasonable assurance that an independent reviewer has assessed their controls that relate to operations and compliance; and they meet the criteria prescribed by AICPA for the five TSCs. The report helps to prioritise risks in order [...]
Follow Us