Thursday, June 4, 2015

SIIM 2015 presentation highlights security points to remember

Helen Oscislawski, J.D.
PARCA eNews – May 30, 2015 – The main message of recent healthcare data breaches is to learn from others' mistakes. With that in mind, Helen Oscislawski, Esq., of Oscislawski LLC, gave a list of the top 10 IT security concepts to remember in a SIIM 2015 presentation, May 29.

As compiled by Evan Godt of here are six of them:

Do a HIPAA Security Audit – This federal regulation (45 CFR 164.306) provides the technical, administrative and physical specifications for implementing security standards.

HHS Resolution Agreements – These can be costly, and the amounts appear to be going up. The amount collected in the last 12 months ($7.7 million) was nearly double that of the preceding year (just under $4 million). Check out examples of agreements on the Health and Human Services (HHS) website.

Big breaches are harder to fill – When breaches like the ones at Anthem or Premera Blue Cross occur, follow the news and learn what you can about what went wrong. If the big players have been hacked, you can be too.

Report Breaches – The date an employee discovers a breach starts the clock for reporting to HHS. Be sure the organization's policy for reporting is clearly understood and followed.

Encryption – One of the areas of emphasis for the HHS and the Office for Civil Rights (OCR) is the need for encryption to safeguard laptops that may be lost or stolen. 

Education and Training – Training for all employees must be an ongoing effort to continually remind staff of the need for security and to keep them up to date.
