In January 2017, a HIPAA-covered Texas clinic learned that someone had stolen an unencrypted external hard drive. The thief took it from a locked closet inside the clinic. The clinic used that hard drive to back up patients’ protected health information (PHI)....
If you don’t record and review system activity, hackers or unethical employees can harm your organization without a trace. Therefore, The Office for Civil Rights (OCR) prompts HIPAA-covered organizations to collect, secure, track, and review their system audit...
A security risk analysis is a vital part of the risk management process. According to the HIPAA Security Rule, all HIPAA-covered organizations must conduct them. This analysis helps your organization prevent, detect, contain, and correct security violations. However,...
The Joint Commission (TJC) has concluded that it is not acceptable to use secure text messaging for patient care orders. Industry experts weighed in on the pros and cons of implementing secure text orders, and the impact on patient safety remained unclear. Therefore,...
Document management and storage is a universal business concern. This issue is even greater for healthcare organizations. As a HIPAA-covered organization, you must keep both your electronic and paper records secure. Many small or medium-sized healthcare organizations...