Myth vs. Fact: Security Risk Analysis

Myth vs. Fact: Security Risk Analysis

As a company that handles protected health information (PHI), HIPAA requires you to analyze how you manage risks to your PHI. This is known as a security risk analysis (SRA). The U.S. Department of Health and Human Services says risk analyses are vital to HIPAA...
My EMR/EHR Makes Me HIPAA Compliant, Right?

My EMR/EHR Makes Me HIPAA Compliant, Right?

Far too many privacy officers lean on their electronic medical record (EMR) or electronic health record (EHR) system as a HIPAA compliance crutch. They believe (mistakenly) that an EMR/EHR system keeps their organization HIPAA compliant. Maybe that’s you. However,...