Podcasts about security rule

  • 29PODCASTS
  • 56EPISODES
  • 31mAVG DURATION
  • 1EPISODE EVERY OTHER WEEK
  • Mar 21, 2025LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about security rule

Latest podcast episodes about security rule

Group Practice Tech
Episode 510: A Potpourri of Updates: Teletherapy, HIPAA, and Medicare

Group Practice Tech

Play Episode Listen Later Mar 21, 2025 16:58


Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we're sharing recent developments related to teletherapy and Medicare, HIPAA's proposed Security Rule changes, and cross-jurisdictional Compacts.  We discuss: Expanded telehealth flexibilities and waivers for Medicare and where things currently stand Reactions to the proposed Security Rule updates Making updates even when they aren't required to safeguard client info and your practice Timelines for applications opening for the Counseling Compact and the Social Work Licensing Compact  Our upcoming CE training on Cross-Jurisdictional Teletherapy Practice in 2025 Listen here: https://personcenteredtech.com/group/podcast/ For more, visit our website. Resources American Telehealth Association: No Shutdown For Telehealth As Congress Passes Spending Bill To Keep The Government Open, Including Critical Telehealth Extensions, ATA Action Celebrates Vote Health IT Security News Article: MGMA, CHIME ask Trump to rescind proposed HIPAA Security Rule Counseling Compact: "Applications for Counseling Compact privileges to practice are expected to open in late summer or early fall 2025." Social Work Licensure Compact: "Multistate License Applications Open – Target Date of Fall 2025 Once the data system is operational in states and the commission has finalized all necessary rulemaking, applications will be made available for social workers to apply for a multistate license. Once eligibility is confirmed by the home state, all fees are paid, and a social worker is granted a multistate license, they will be able to practice in all other member states of the compact without any further steps necessary." PCT Resources New PCT *Live & Recorded* Legal-Ethical CE training: Navigating Legal-Ethical Cross-Jurisdictional Teletherapy Practice in 2025: A Guide for Mental Health Professionals the must-know information on the current considerations for how to legally and ethically navigate cross-jurisdictional teletherapy practice. In particular, we will address licensure compacts, recent legal developments, state-specific rules, risk management strategies, custodian of record obligations, and working with minors across state lines. Presented by Eric Ström, JD PhD LMHC; and PCT Director, Liath Dalton Live presentation on Friday, March 28th PCT's Clinical Staff Teletherapy Training PCT's Teletherapy Director and Supervisor Training for Group Practices PCT's Teletherapy Manuals and Forms for Group Practices Group Practice Care Premium weekly (live & recorded) direct support & consultation service, Group Practice Office Hours -- including monthly session with therapist attorney Eric Ström, JD PhD LMHC + assignable staff HIPAA Security Awareness: Bring Your Own Device training + access to Device Security Center with step-by-step device-specific tutorials & registration forms for securing and documenting all personally owned & practice-provided devices (for *all* team members at no per-person cost) + assignable staff HIPAA Security Awareness: Remote Workspaces training for all team members + access to Remote Workspace Center with step-by-step tutorials & registration forms for securing and documenting Remote Workspaces (for *all* team members at no per-person cost) + more For Solo Practitioners: PCT's Telemental Health Certificate Program

AHLA's Speaking of Health Law
HIPAA Security Rule Proposed Updates: Addressing Increasing Cyberthreats in Health Care

AHLA's Speaking of Health Law

Play Episode Listen Later Mar 11, 2025 58:15 Transcription Available


On January 6, HHS' Office for Civil Rights published a Notice of Proposed Rulemaking titled “HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected Health Information.” Wes Morris, Senior Director of Consulting Services, Clearwater, speaks with Jennifer Kreick, Partner, Haynes and Boone LLP, and Thomas Tanabe, Associate, Haynes and Boone LLP, about the proposed updates to the HIPAA Security Rule and the practical impacts for health care organizations. They discuss what is driving these proposed updates and issues related to “required” and “addressable” specifications, sanctions, technology asset inventories and network maps, risk analysis, business associates, and costs and timeline related to implementation. Jennifer and Thomas recently authored an AHLA Bulletin on this topic. From AHLA's Health Information and Technology Practice Group. Sponsored by Clearwater.AHLA's Health Law Daily Podcast Is Here! AHLA's popular Health Law Daily email newsletter is now a daily podcast, exclusively for AHLA Premium members. Get all your health law news from the major media outlets on this new podcast! To subscribe and add this private podcast feed to your podcast app, go to americanhealthlaw.org/dailypodcast.

Group Practice Tech
Episode 508: Reassurance About the Proposed HIPAA Security Rule Change-Induced Panic

Group Practice Tech

Play Episode Listen Later Mar 7, 2025 26:21


Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we're hoping to lower the level of distress around the proposed HIPAA Security Rule changes for therapy practice owners.  We discuss: What the some of the proposed changes to the Security Rule are, including penetration testing The timeframe for these changes if they are implemented, and the likelihood they actually will be implemented The rationale behind the proposed changes, and why they're necessary in our current threat landscape How following the PCT Way can minimize the changes you need to make as HIPAA regulations evolve Centering client care and safeguarding client info as a motivating factor, rather than fear Listen here: https://personcenteredtech.com/group/podcast/ For more, visit our website. Resources JD Supra article summarizing proposed HIPAA Security Rule Changes and context: New Year, New HIPAA Security Rule: OCR Adds to Health Care Entities' New Year's Resolutions HHS Fact Sheet on proposed changes: HIPAA Security Rule Notice of Proposed Rulemaking to Strengthen Cybersecurity for Electronic Protected Health Information Full text of the Notice of Proposed Rulemaking (NPRM) in the Federal Register: HIPAA Security Rule To Strengthen the Cybersecurity of Electronic Protected Health Information Comments on the NPRM (Note, you can also search the public comments by keyword; ability make comments closed on 3/7/25) PCT Resources PCT's Comprehensive HIPAA Security Compliance Program (discounted) bundles: For Group Practices For Solo Practitioners PCT's HIPAA Risk Analysis & Risk Mitigation Planning service for mental health  practices -- care for your practice using our supportive, shame-free risk analysis and mitigation planning service. You'll have your Risk Analysis done within 2 hours, performed by a PCT consultant, using a tool built specifically for mental health group practice, and a mitigation checklist to help you reduce your risks. Group Practice Care Premium weekly (live & recorded) direct support & consultation service, Group Practice Office Hours -- including monthly session with therapist attorney Eric Ström, JD PhD LMHC + assignable staff HIPAA Security Awareness: Bring Your Own Device training + access to Device Security Center with step-by-step device-specific tutorials & registration forms for securing and documenting all personally owned & practice-provided devices (for *all* team members at no per-person cost) + assignable staff HIPAA Security Awareness: Remote Workspaces training for all team members + access to Remote Workspace Center with step-by-step tutorials & registration forms for securing and documenting Remote Workspaces (for *all* team members at no per-person cost) + more

Cyber Risk Management Podcast
EP 178: New HIPAA Security Rule

Cyber Risk Management Podcast

Play Episode Listen Later Feb 25, 2025 46:57


The US Government recently released a "notice of proposed rulemaking" to update the Security Standards for the Protection of Electronic Protected Health Information. Yes, this is HIPAA. But what will it mean for covered entities and their business associates? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Show notes: https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-C/part-164/subpart-C

partner us government hipaa ciso l gates jake bernstein security rule hipaa security kip boyle cyber risk opportunities
Help Me With HIPAA
HIPAA Security Changes Are Here: We Saw This Coming - Ep 492

Help Me With HIPAA

Play Episode Listen Later Jan 17, 2025 56:43


Hold onto your compliance hats—big changes are brewing for HIPAA's Security Rule! The Notice of Proposed Rulemaking (NPRM) is officially out for public comment, and it's clear HHA and OCR are on a mission to modernize and tighten the safeguards for electronic protected health information (ePHI). From clarifying risk analysis expectations to making security requirements less, well, “vague,” these updates aim to bolster patient safety and data protection while keeping pace with today's tech-driven world. But with great updates come great responsibilities for covered entities and business associates alike, so now's the perfect time to weigh in and help shape the final rule before it's set in stone. More info at HelpMeWithHIPAA.com/492

hipaa ocr coming ep hha security rule hipaa security ephi proposed rulemaking nprm
The Medcurity Podcast: Security | Compliance | Technology | Healthcare
New Proposed Updates to the HIPAA Security Rule | Medcurity Live 077

The Medcurity Podcast: Security | Compliance | Technology | Healthcare

Play Episode Listen Later Jan 15, 2025 3:59


Proposed HIPAA updates could redefine how healthcare handles cybersecurity. From mandatory encryption to multi-factor authentication, these changes aim to tackle modern threats head-on. In this episode, we're breaking down what's changing and what it means for compliance in 2025. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA 

NFP Benefits Compliance Podcast
EP 153: New Proposed HIPAA Security Rule Regulations Potential Impact on Employer Group Health Plans

NFP Benefits Compliance Podcast

Play Episode Listen Later Jan 14, 2025 21:44


In this episode, Suzanne Spradley and Chase Cannon discuss recently published proposed regulations relating to HIPAA's Security Rule. Suzanne leads off with an overview of the HIPAA privacy and security rules generally, focusing on security — the usage of personal health information in electronic form. Suzanne and Chase discuss potential changes in definitions under HIPAA's Security Rule, how the risk analysis requirement might be impacted, and what employers should be considering with their internal benefits, technology, and IT teams. Suzanne closes the podcast with her thoughts on the process and timeline for finalizing the proposed regulations.

McDermott+Consulting
Proposed Changes to HIPAA Security Rule

McDermott+Consulting

Play Episode Listen Later Jan 9, 2025 13:47


This week in the Breakroom, Ryan Higgins, Partner at McDermott Will & Emery, joins Maddie News to discuss the recently released HHS proposed rule that would increase cybersecurity protections for electronic protected health information.

The Broadcast Retirement Network
The House Education and Workforce Committee passes a CRA resoution to overturn the Retirement Security Rule

The Broadcast Retirement Network

Play Episode Listen Later Jul 14, 2024 16:34


#BRNSunday #1783  | The House Education and Workforce Committee passes a CRA resoution to overturn the Retirement Security Rule  | David Levine and Kevin Walsh Groom Law Group & Oliver Renick, Schwab Network   | #Tunein: broadcastretirementnetwork.com #JustTheFacts 

The Broadcast Retirement Network
The U.S. Department of Labor Releases the Final Retirement Security Rule

The Broadcast Retirement Network

Play Episode Listen Later Apr 28, 2024 21:51


#BRNSunday #1708 | The U.S. Department of Labor Releases the Final Retirement Security Rule | David Levine & Kevin Walsh, Groom Law Group | #Tunein: broadcastretirementnetwork.com #JustTheFacts

K&L Gates Health Care Triage
Health System Cybersecurity Risks: Part Two

K&L Gates Health Care Triage

Play Episode Listen Later Apr 1, 2024 22:49


In this two-part Triage series, Gina Bertolini, Sarah Carlins, and Jianne McDonald analyze two recent HHS initiatives that address cybersecurity risks to hospitals and health systems nationwide. Cybersecurity events involving our nation's health care providers have precipitously risen in the past five years. The Department of Health and Human Services' Office for Civil Rights (OCR) reports a nearly 300% increase in large data breaches that involve ransomware reported to OCR from 2018 to 2022. Interoperability remains a major government priority, and as remote care models continue to proliferate and the need intensifies for big data to feed increasingly complex technologies, risks to health care providers will continue to abound.   In part two, Gina Bertolini and Sarah Carlins discuss HHS's “Healthcare Sector Cybersecurity” report, which outlines HHS's strategy for securing the digital infrastructure of our nation's health care system. HHS's strategy includes increased funding for support and enforcement of HIPAA's Security Rule and the implementation of voluntary Cybersecurity Performance Goals, and HHS projects changes to HIPAA's Security Rule coming in the Spring of 2024.

Group Practice Tech
Episode 410: Upcoming HIPAA Security Rule Changes

Group Practice Tech

Play Episode Listen Later Mar 29, 2024 10:21


Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech.   In our latest episode, we give group practice owners a heads up about upcoming changes to the HIPAA Security Rule.    We discuss what the focus of these rule changes will be; why the changes are happening; steps you can take to be proactive about HIPAA changes; and PCT's practical tools to help you get on top of things in a manageable way.   Listen here: https://personcenteredtech.com/group/podcast/   For more, visit our website. Resources & Further Information Vital Signs: Digital Health Law Update | Winter 2024 | JD Supra 2024 Update: Regulators Use “Carrots and Sticks” to Incentivize Healthcare Sector Cybersecurity Compliance 3 ways to prepare for impending HIPAA Security Rule updates HHS Unveils Healthcare Cybersecurity Strategy PCT Resources HIPAA Risk Analysis & Risk Mitigation Planning service for mental health group practices -- care for your practice using our supportive, shame-free risk analysis and mitigation planning service. You'll have your Risk Analysis done within 2 hours, performed by a PCT consultant, using a tool built specifically for mental health group practice, and a mitigation checklist to help you reduce your risks. Group Practice Care Premium weekly (live & recorded) direct support & consultation service, Group Practice Office Hours + assignable staff HIPAA Security Awareness: Bring Your Own Device training + access to Device Security Center with step-by-step device-specific tutorials & registration forms for securing and documenting all personally owned & practice-provided devices (for *all* team members at no per-person cost) + assignable staff HIPAA Security Awareness: Remote Workspaces training for all team members + access to Remote Workspace Center with step-by-step tutorials & registration forms for securing and documenting Remote Workspaces (for *all* team members at no per-person cost) + more PCT's Group Practice PCT Way HIPAA Compliance Manual & Materials -- comprehensive customizable HIPAA Security Policies & Procedure and materials templates specifically for mental health group practices. with a detailed step-by-step project plan and guided instructions for adopting & implementing efficiently **includes policy prohibition on use of BCC and CC; workforce forwarding emails from their practice email account to personal email account; data entry checking/not using autofill suggestions for recipients -- the P&P components that address the email gone awry situations we discussed in the podcast episode Policies & Procedures include: Customizable templates that address each of the HIPAA Security Rule Standards. Ready for plug-and-play real practice application. Computing Devices and Electronic Media Technical Security Policy Bring Your Own Device (BYOD) Policy Communications Security Policy Information Systems Secure Use Policy Risk Management Policy Contingency Planning Policy Device and Document Transport and Storage Policy Device and Document Disposal Policy Security Training and Awareness Policy Passwords and Other Digital Authentication Policy Software and Hardware Selection Policy Security Incident Response and Breach Notification Policy Security Onboarding and Exit Policy Sanction Policy Policy Release of Information Security Policy Remote Access Policy Data Backup Policy Facility/Office Access and Physical Security Policy Facility Network Security Policy Computing Device Acceptable Use Policy Business Associate Policy Access Log Review Policy Forms & Logs include: Workforce Security Policies Agreement Security Incident Report PHI Access Determination Password Policy Compliance BYOD Registration & Termination Data Backup & Confirmation Access Log Review Key & Access Code Issue and Loss Third-Party Service Vendors Building Security Plan Security Schedule Equipment Security Check Computing System Access Granting & Revocation Training Completion Mini Risk Analysis Security Incident Response Security Reminder Practice Equipment Catalog + Workforce Security Manual & Leadership Security Manual -- the role-based practical application oriented distillation of the formal Policies & Procedures + 2 complimentary seats of the Security Officer Endorsement Training Program (1 for Security Officer; 1 for Deputy (or future Deputy) Security Officer.

Product Stories
The Two Fundamental Rules of HIPAA You Need to Know

Product Stories

Play Episode Listen Later Mar 28, 2024 5:28


At its core, HIPAA revolves around two main rules – The Privacy Rule and The Security Rule. We already looked at what HIPAA is and the penalties involved. In this second episode, David we’ll break down everything about the two fundamental rules of HIPAA that you need to know! The HIPAA Privacy Rule provides federal […]

Federal Drive with Tom Temin
What contractors should do now about DoD's new cyber security rule

Federal Drive with Tom Temin

Play Episode Listen Later Dec 28, 2023 10:58


Defense contractors are parsing out a nearly 250-page proposed rule. It landed sort like a lump of coal on Christmas Eve. It is all about a program known as Cybersecurity Maturity Model Certification (CMMC). At the very least, if you are even tangentially involved in the topic, you should read the proposal and prepare comments. For more, Federal Drive Host Tom Temin talked with procurement attorney Eric Crusius, a partner at Holland and Knight. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Broadcast Retirement Network
US Department of Labor Prepares for Online Hearing on Proposed Retirement Security Rule

The Broadcast Retirement Network

Play Episode Listen Later Dec 10, 2023 24:46


#BRNSunday #1576 | US Department of Labor Prepares for Online Hearing on Proposed Retirement Security Rule | Kevin Walsh, Groom Law Group  | #Tunein: broadcastretirementnetwork.com #JustTheFacts

The Broadcast from CBC Radio
New border security rule for shipping will be costly + Unpacking the issue with contested crab quota

The Broadcast from CBC Radio

Play Episode Listen Later Mar 23, 2023 18:58


Alberto Wareham of Icewater Seafoods says new border security rule discriminates against NL businesses + FFAW fish scientist Erin Carruthers helps us understand issue with 3L snow crab quota.

Group Practice Tech
Episode 311: [Compliance] HIPAA Training for your Team - Requirements and Best Practices

Group Practice Tech

Play Episode Listen Later Mar 17, 2023 42:26


Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we're busting myths about HIPAA training requirements for group practices. We discuss training requirements in terms of the Privacy Rule and Security Rule (and the distinctions between them); when training is required; suggestions to keep training uniform; what resources are available for you and your teams; utilizing tools that are already in your tech stack; compliance documentation; preventing burnout; and having a strong security culture in your practice. Listen here: https://personcenteredtech.com/group/podcast/ For more, visit our website. Resources PCT's HIPAA Security Reminder Memes Step Two of the PCT Way: Training -- role-based, foundational and needs-based topical trainings on HIPAA, mental health ethics, and teletherapy designed specifically for mental health group practices PCT's Group Practice Care: Assign, remind, and track staff training completion with a few clicks in your PCT Dashboard. Set it and forget it. *GPC basic is FREE! **GPC Premium includes HIPAA Security Awareness: Bring Your Own Device + HIPAA Security Awareness: Remote Workspaces training for ALL staff at no per-person cost Additional Security Reminder sources: HealthITSecurity newsletter (select HIPAA, Cybersecurity and Ransomware option) + the Office of Civil Rights (the HIPAA administrators) Security & Privacy Listservs

Group Practice Tech
Episode 308: [Risk Management] Unlocking the Mysteries and Benefits of a Risk Analysis with PCT

Group Practice Tech

Play Episode Listen Later Feb 24, 2023 35:45


Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we dive deep on the process of HIPAA security risk analysis in a group practice context. We discuss why risk analysis is overwhelming; reframing the way you consider risk analysis; remembering what you are doing right; the recent annual report to Congress from HHS and the Office of Civil Rights (OCR); general requirements for a risk analysis; how PCT approaches risk analysis (in 2 hours!); categories of risk; the tangible benefits of risk analysis in group practice; risk mitigation plans; and approaching risk analysis without burning out. Listen here: https://personcenteredtech.com/group/podcast/ For more, visit our website. Resources PCT's HIPAA Risk Analysis & Risk Mitigation Service for mental health group practices -- have us perform your risk analysis and do all the heavy lifting of this foundational HIPAA requirement   HHS' Guidance on Risk Analysis   HHS Office of Civil Rights emphasized the need for increased compliance with the Risk Analysis requirement in the recently (2/17/2023) released Annual Report to Congress on Breaches of Unsecured Protected Health Information: "Risk Analysis. The Security Rule requires regulated entities to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of ePHI held by the covered entity or business associate. Failures to conduct a risk analysis leave regulated entities vulnerable to breaches of unsecured ePHI as cybersecurity attacks are increasing."

HealthcareNOW Radio - Insights and Discussion on Healthcare, Healthcare Information Technology and More
1st Talk Compliance: Rachel Rose, ESQ on A Business Associate Agreement? Tell Me More!

HealthcareNOW Radio - Insights and Discussion on Healthcare, Healthcare Information Technology and More

Play Episode Listen Later Nov 30, 2022 27:57


Host Catherine Short welcomes Rachel V. Rose, JD, MBA, on the topic of “A Business Associate Agreement? Tell Me More!” Business Associate Agreements (BAA) are not new; however, some individuals are new to healthcare and others never understood what a BAA is exactly. A BAA is a contract that fundamentally gives assurances that the parties are complying with the Security Rule and Privacy Rule, setting parameters in the event of a reportable security incident or a breach, and states how the sensitive data will be returned and destroyed at the end of the relationship. To stream our Station live 24/7 visit www.HealthcareNOWRadio.com or ask your Smart Device to “….Play Healthcare NOW Radio”. Find all of our network podcasts on your favorite podcast platforms and be sure to subscribe and like us. Learn more at www.healthcarenowradio.com/listen

AHLA's Speaking of Health Law
Tips and Traps: Conducting a HIPAA Security Rule Risk Analysis

AHLA's Speaking of Health Law

Play Episode Play 58 sec Highlight Listen Later Nov 15, 2022 36:25 Transcription Available


Cathie Brown, Vice President, Consulting Services, Clearwater, speaks with Ryan Higgins, Partner, McDermott Will & Emery, about what a HIPAA Security Rule Risk Analysis (HSRA) is and what it means to conduct an “OCR-compliant” risk analysis. They discuss how an HSRA relates to other security assessments, suggestions for organizations to follow when conducting an HSRA, and the risks of failing to conduct an HSRA. Ryan recently co-authored an article on this topic for AHLA's Health Law Weekly. Sponsored by Clearwater.To learn more about AHLA and the educational resources available to the health law community, visit americanhealthlaw.org.

1st Talk Compliance
A Business Associate Agreement? Tell Me More!

1st Talk Compliance

Play Episode Listen Later Nov 14, 2022 27:57


1st Talk Compliance features guest Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, on the topic of “A Business Associate Agreement? Tell Me More!” Rachel joins our host Catherine Short to discuss how Business Associate Agreements (BAA) are not new; however, some individuals are new to healthcare and others never understood what a BAA is exactly. A BAA is a contract that fundamentally gives assurances that the parties are complying with the Security Rule and Privacy Rule, setting parameters in the event of a reportable security incident or a breach, and states how the sensitive data will be returned and destroyed at the end of the relationship. This presentation not only seeks to dispel myths about why certain language is prevalent in nearly all BAAs, but also provides insight into other provisions, and items for consideration, in light of the 21st Century Cures Act.

1st Talk Compliance
A Business Associate Agreement? Tell Me More!

1st Talk Compliance

Play Episode Listen Later Nov 14, 2022 27:57


1st Talk Compliance features guest Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, on the topic of “A Business Associate Agreement? Tell Me More!” Rachel joins our host Catherine Short to discuss how Business Associate Agreements (BAA) are not new; however, some individuals are new to healthcare and others never understood what a BAA is exactly. A BAA is a contract that fundamentally gives assurances that the parties are complying with the Security Rule and Privacy Rule, setting parameters in the event of a reportable security incident or a breach, and states how the sensitive data will be returned and destroyed at the end of the relationship. This presentation not only seeks to dispel myths about why certain language is prevalent in nearly all BAAs, but also provides insight into other provisions, and items for consideration, in light of the 21st Century Cures Act.

Help Me With HIPAA
New Security Rule Guide Coming - Ep 367

Help Me With HIPAA

Play Episode Listen Later Aug 5, 2022 42:32


A new security rule guide that we've all been waiting for! NIST has developed a cybersecurity resource guide on implementing the HIPAA Security Rule. It provides key activities, descriptions and sample questions to help covered entities and business associates comply with the HIPAA Security Rule.  This guide has tons of good information in it. So, listen in as we discuss some of the cool stuff we picked out. More info at HelpMeWithHIPAA.com/367

AHLA's Speaking of Health Law
HIPAA Security Rule Compliance: A Discussion with Former OCR Director Roger Severino

AHLA's Speaking of Health Law

Play Episode Listen Later Sep 28, 2021 23:25


In statements throughout his tenure as Director of HHS' Office for Civil Rights from 2017-2021, Roger Severino was repeatedly critical of organizations for not performing a risk analysis or taking action to mitigate identified risks, as required by the HIPAA Security Rule. Clearwater Executive Chairman Bob Chaput talks to him about why he's so passionate about this area of HIPAA compliance and previews the more in-depth discussion that will take place during a special web event on Thursday, September 30. Sponsored by Clearwater. 

1st Talk Compliance
HIPAA Compliance for Business Associates

1st Talk Compliance

Play Episode Listen Later Dec 2, 2020 78:25


First Healthcare Compliance hosts Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, for an interactive discussion on “HIPAA Compliance for Business Associates.” The July 2020 monetary payment of over $1 million dollars by a health system to HHS-OCR serves as a reminder to covered entities and business associates alike that HIPAA violations can be costly. The focus of this presentation is on business associates and subcontracts and the potential threats that can exploit vulnerabilities and trigger costly reporting to government agencies, as well as private lawsuits. Risk mitigation strategies will also be discussed, as well as some key items that should not be overlooked during the COVID-19 Pandemic. Objectives: 1. Legal obligations of business associates and subcontractors. 2. Areas of liability, which can extend throughout the "link of trust" between covered entities, business associates and subcontractors. 3. Utilizing compliance with the Privacy Rule, Security Rule, and NIST Standards to mitigate risk - even during COVID.

Pharmacy, IT, & Me: Your Informatics Pharmacist Podcast
180. What is the HIPAA Security Rule?

Pharmacy, IT, & Me: Your Informatics Pharmacist Podcast

Play Episode Listen Later Mar 23, 2020 4:44


180. What is the HIPAA Security Rule? Intended Audience: EveryoneThe HIPAA Security Rule is related to the HIPAA Privacy Rule, though HIPAA Security Rule covers the safeguards in relation to ePHI. Today's episode, we quickly go over the requirements in the HIPAA Security Rule. Follow us on social media! Twitter: @pharmacyitme Instagram: @pharmacyinformatics LinkedIn: https://www.linkedin.com/company/pharmacyitme/ Website: Pharmacy IT & Me Email: tony@pharmacyitme.com Follow Tony's personal Twitter account at @tonydaopharmd Network with other pharmacists at Pharmacists Connect!http://pharmacistsconnect.com For more information on pharmacy informatics, check out some of the following useful links: ASHP's Section of Pharmacy Informatics and Technology: https://www.ashp.org/Pharmacy-Informaticist/Section-of-Pharmacy-Informatics-and-Technology/ HIMSS Pharmacy Informatics Community: https://www.himss.org/library/pharmacy-informatics Disclaimer: Views expressed are my own and do not reflect thoughts and opinions of any entity with which I have been, am now, or will be affiliated.This podcast is powered by Pinecast.

technology pinecast security rule hipaa security ephi hipaa privacy rule pharmacy informatics
Pro Pharma Talks
Patient Privacy (HIPPA) and Data Security

Pro Pharma Talks

Play Episode Listen Later Jan 29, 2020 32:10


Topics for Security Talk 1. PHI = personal health information 2. Security a. Passwords – 8 characters can be hacked in less than 1 minute b. Two Factor Authentication c. Confidentiality refers to protection of information shared with an attorney, therapist, physician (or other) from being shared with third parties without express consent. ... Privacy, on the other hand, refers to the legal protection of personal medical information from being shared on a public platform.Mar 4, 2019 3. Privacy a. Professional Code of Ethics 1. A pharmacist respects the autonomy and dignity of each patient. A pharmacist promotes the right of self-determination and recognizes individual self-worth by encouraging patients to participate in decisions about their health. A pharmacist communicates with patients in terms that are understandable. b. HIPAA i. The HIPAA Privacy Rule for the first time creates national standards to protect individuals' medical records and other personal health information. It gives patients more control over their health information. It sets boundaries on the use and release of health records. 1. www.hhs.gov › hipaa › for-individuals › faq › what-does-the-hipaa-priv... ii. Treatment iii. Administration/Utilization iv. Payment c. HealthIT.gov i. The privacy and security of patient health information is a top priority for patients and their families, health care providers and professionals, and the government. ... The Security Rule sets rules for how your health information must be kept secure with administrative, technical, and physical safeguards. Dec 17, 2018 HealhtIT.gov 4. HIPAA a. Treatment b. Administration/Utilization c. Payment 5. Controversy over Security a. Pro: Data needed for treatment b. Con: How data is used? c. Long, detailed responses to data security before it can be used ______ Make sure to subscribe to get the latest episode. Contact Us: Pharmacy Benefit News: http://www.propharmaconsultants.com/pbn.html Email: info@propharmaconsultants.com Website: http://www.propharmaconsultants.com/ Facebook: https://www.facebook.com/propharmainc Twitter: https://twitter.com/ProPharma/ Instagram: https://www.instagram.com/propharmainc/ LinkedIn: https://www.linkedin.com/company/pro-pharma-pharmaceutical-consultants-inc/ Podcast: https://anchor.fm/pro-pharma-talks

Theory Of A Blind Man
Trump administration proposes Social Security rule changes that could cut off thousands of disabled

Theory Of A Blind Man

Play Episode Listen Later Dec 21, 2019 29:35


Today I am discussing the recent article from The Inquirer out of Pittsburg Pennsylvania from December 12, 2019. If you are receiving Social Security benefits, you may want to look into this further. One thing to find out is what does the Social Security Administration have you labeled as. And just ask the SSA how will this effect your benefits. You can watch on either Facebook Live: https://fbwat.ch/1W8h9G521t0NCpWI or on YouTube: https://www.youtube.com/watch?v=jSAfDgh7_MU Also, later today I will be live with Independently Blind for his live creator contest giveaway. Make sure you follow his Facebook page to watch the drawing live and discuss with us what we use and how we use our gear for creating content. https://www.facebook.com/independentlyblind Don't forget to follow me on Facebook, Twitter, and Anchor FM. https://www.facebook.com/therealtheoryofablindman https://www.twitter.com/TheoryOBlindMan https://anchor.fm/theoryofablindman If you enjoy my content and wish to donate, you can support me on Patreon, PayPalMe, or become a listener supporter on Anchor FM. https://www.patreon.com/therealtheoryofablindman https://www.paypal.me/theoryofablindman https://anchor.fm/theoryofablindman/support Thank you all for your support and interest into one little blind man's life.

HealthcareNOW Radio - Insights and Discussion on Healthcare, Healthcare Information Technology and More
1st Talk Compliance: Rachel Rose, JD, MBA, principal of Rachel V. Rose – Attorney at Law, P.L.L.C.

HealthcareNOW Radio - Insights and Discussion on Healthcare, Healthcare Information Technology and More

Play Episode Listen Later Nov 16, 2019 27:51


Host Catherine Short talks to Rachel V. Rose, JD, MBA, principal of Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, about the topic of “HIPAA and Health Apps.” As technology evolves and features are adopted by healthcare consumers, so does the need for either new regulations and/or guidance on existing regulations. This radio show highlights the Privacy Rule and the Security Rule in the context of PHI sales and marketing, as well as addressing the recent HHS FAQs on Health Apps. We will learn to appreciate privacy and security concerns related to the marketing and/or sale of PHI, address the recent HHS FAQs on Healthcare Apps, and learn risk-mitigation tips to reduce legally liability. Want to stream our station live? Visit www.HealthcareNOWRadio.com. Find all of our show podcasts on your favorite podcast channel and of course on Apple Podcasts in your iTunes store or here: https://podcasts.apple.com/us/podcast/healthcarenow-radio/id1301407966?mt=2

1st Talk Compliance
HIPAA Security Rule – How to Manage Adherence

1st Talk Compliance

Play Episode Listen Later Oct 23, 2018 46:15


First Healthcare Compliance hosts Raymond Ribble, founder of SPHER Inc. and co-founder of Fusion Systems Co., Ltd. for an interactive discussion on “HIPAA Security Rule – How to Manage Adherence.” Raymond leads this webinar on approaching a Security Risk Assessment and understanding the benefits and impact the audit has within your organization. Educational Objectives: 1.... The post HIPAA Security Rule – How to Manage Adherence appeared first on First Healthcare Compliance.

manage adherence security rule hipaa security first healthcare compliance
1st Talk Compliance
HIPAA Security Rule – How to Manage Adherence

1st Talk Compliance

Play Episode Listen Later Oct 23, 2018 46:15


First Healthcare Compliance hosts Raymond Ribble, founder of SPHER Inc. and co-founder of Fusion Systems Co., Ltd. for an interactive discussion on “HIPAA Security Rule - How to Manage Adherence.” Raymond leads this webinar on approaching a Security Risk Assessment and understanding the benefits and impact the audit has within your organization. Educational Objectives: 1. The post HIPAA Security Rule – How to Manage Adherence appeared first on First Healthcare Compliance.

manage adherence security rule hipaa security first healthcare compliance
Healthcare Information Security Podcast
HIPAA Security Rule Turns 20: It's Time for a Facelift

Healthcare Information Security Podcast

Play Episode Listen Later Aug 10, 2018


Government Information Security Podcast
HIPAA Security Rule Turns 20: It's Time for a Facelift

Government Information Security Podcast

Play Episode Listen Later Aug 9, 2018


Info Risk Today Podcast
HIPAA Security Rule Turns 20: It's Time for a Facelift

Info Risk Today Podcast

Play Episode Listen Later Aug 9, 2018


Data Breach Today Podcast
HIPAA Security Rule Turns 20: It's Time for a Facelift

Data Breach Today Podcast

Play Episode Listen Later Aug 9, 2018


Credit Union Information Security Podcast
HIPAA Security Rule Turns 20: It's Time for a Facelift

Credit Union Information Security Podcast

Play Episode Listen Later Aug 9, 2018


Careers Information Security Podcast
HIPAA Security Rule Turns 20: It's Time for a Facelift

Careers Information Security Podcast

Play Episode Listen Later Aug 9, 2018


Banking Information Security Podcast
HIPAA Security Rule Turns 20: It's Time for a Facelift

Banking Information Security Podcast

Play Episode Listen Later Aug 9, 2018


Perspectives on Health and Tech
Ep. 37: Inspira's Francois Bodhuin on Patient Information Security

Perspectives on Health and Tech

Play Episode Listen Later Aug 29, 2017 13:34


Cyberattacks are happening in the health care industry at an alarming rate and some speculate that health care organizations will be the most targeted sector in 2017. As this trend continues to climb, the government has enacted regulatory changes around the HIPAA Privacy and Security Rule requirements. In this episode of The Cerner Podcast, Francois Bodhuin, IT director at Inspira Health Network, a nonprofit health care organization in South Jersey, shares the best practices on how organizations can improve the security of patient information.

Help Me With HIPAA
eCW Whistleblower Made The Difference - Ep 109

Help Me With HIPAA

Play Episode Listen Later Jun 23, 2017 46:05


There are countless times we have covered the "my EHR vendor handles HIPAA for me" misconception. The recent $155 million whistleblower lawsuit settlement between eClinicalWorks (eCW) and the government really brings it home how wrong you can be about EHR vendors. Meaningful Use attestations relied heavily on the vendors supplying proper information. eCW set up thousands of organizations to take a major hit based on the details in this case and it's settlement. Especially, when you take into account that eCW is one of the biggest EHR vendors out there. CIA of PHI is the objective of the entire Security Rule under HIPAA. Unreliable data created by an application is clearly a data Integrity issue. If you can't trust the data can you trust the system at all? If you have knowledge of this kind of stuff going on somewhere you should review it closely. It includes civil payments by developers and project managers not just the C-Suite folks involved.   For more information: HelpMeWithHIPAA.com/109

Down the Security Rabbithole Podcast
DtSR Episode 180 - From the CISO Perspective

Down the Security Rabbithole Podcast

Play Episode Listen Later Feb 9, 2016 42:45


In this episode... Andrew discusses a few of the key challenges making it difficult for the healthcare sector right now Robb, Andrew and Raf discuss the importance of identity in the corporate environment Robb and Andrew give some of their wisdom for the successes and failures of CISOs (and the broader security industry) We discuss the technical vs executive CISO approach (which is better?) Robb and Andrew provide some unfiltered advice for CISOs and those who want to become them Guests Robb Reck ( @RobbReck ) - Chief Information Security Officer at Ping Identity, contributor to ISSA Denver with a long history as a successful security executive and leader. Andrew Labbo - Drew is the CISO at Denver Health and Hospital Authority and is the owner and principal of RMHG, which offers HIPAA consulting and HIPAA advisory services. Drew has over 15 years’ experience with information security and technology and over 10 years’ experience as a Privacy and Data Security Officer. He is an expert on HIPAA Privacy and Security Rule regulations as well as HITECH and Omnibus regulatory updates. Drew’s recommendations are guided by his education in health administration and experience and leadership integrating privacy and security controls with health information technology infrastructure and applications, as well as treatment, payment, operations, and human subjects research workflows and processes.

Info Risk Today Podcast
Why the HIPAA Security Rule Needs Updating

Info Risk Today Podcast

Play Episode Listen Later Dec 21, 2015


security rule hipaa security
Government Information Security Podcast
Why the HIPAA Security Rule Needs Updating

Government Information Security Podcast

Play Episode Listen Later Dec 21, 2015


security rule hipaa security
Healthcare Information Security Podcast
Why the HIPAA Security Rule Needs Updating

Healthcare Information Security Podcast

Play Episode Listen Later Dec 21, 2015


security rule hipaa security
Help Me With HIPAA
Episode 7: HIPAA Myths Part 1

Help Me With HIPAA

Play Episode Listen Later Jun 26, 2015 23:25


  we discuss some common myths (or points of confusion) surrounding HIPAA compliance requirements. Glossary Myth is a widely held but false belief or idea. Links HealthIT.gov Top 10 Myths of Security Risk AnalysisHealthIT.gov Guide to Privacy and Security of Electronic Health Information Analysis Notes Providers are not allowed to share information about a patient with others unless authorized by the patient to do so. False. Providers can share: With anyone the patient identifies as a caregiver When the information is directly relevant to the involvement of spouse, family member, friends, or caregivers. (Ebola for example) When necessary to notify a caregiver about a change in condition or location of a patient (as long as the patient doesn't object) When in the best interest of the patient regardless of their ability to object or not The security risk analysis is optional for small providers and business associates. False. Everyone is required to abide by the Security Rule which specifically requires a security risk analysis. A checklist will suffice for the risk analysis requirement. False.Checklists are tools for doing the analysis and gathering your data but they aren't enough to meet the risk analysis requirement. A Security Risk Analysis must include three main elements (according to OCR guidance): A. Identification of all PHI sourcesB. Human, electronic and environmental threats to the PHIC. Review of current security measures to protect the PHI from those 

Help Me With HIPAA
Episode 6 - HIPAA Compliant IT

Help Me With HIPAA

Play Episode Listen Later Jun 19, 2015 35:16


In this episode we discuss technology support requirements under HIPAA and why professional, HIPAA compliant IT services are an important part of managing your security compliance. The Security Rule has so many specific technical things to consider it really requires professional technology services to handle it properly.  We discuss why that is needed and what to expect from a HIPAA Compliant IT company.  Glossary A managed service provider (MSP) is a third-party contractor that is under contract (usually a monthly fee) to provide on-going technology support to other organizations. Links FindHealthcareIT HIPAAforMSPS.com Kardon Compliance   Notes  

Medical Practice Trends
Medical Practice Trends Podcast 47: HIPAA Security Rule and the Impact of the Final Rule

Medical Practice Trends

Play Episode Listen Later May 14, 2013 5:25


MPT Podcast 47 - HIPAA Security Rule and the Impact of the Final Rule, with guest Mike Meikle of Hawkthorne Consulting Group. Mr. Meikle discusses the HIPAA Omnibus Rule and its effect on the Security Rule, and what it means for medical practices. This Issue (5:25): What is the HIPAA Security Rule? How has the HIPAA Final Rule changed the Security Rule? What is the best way to avoid non-compliance issues with the Security Rule? Click the play button to hear the podcast [smart_track_player url="http://mptaudio.s3.amazonaws.com/$emed$podcast/MPT_podcast_47.mp3" title="MPT Podcast 47 - HIPAA Security Rule and the Impact of the Final Rule, with guest Mike Meikle of Hawkthorne Consulting Group." ]

HIPAA Survival Guide Radio
HIPAA Compliance: What documents must be tracked?

HIPAA Survival Guide Radio

Play Episode Listen Later Jun 15, 2012 45:07


This show (and the next few) will explore what documents you should be tracking within your organization to be HIPAA/HITECH compliant. The number of documents will likely surprise even experienced practitioners. We will take a methodical approach and walkthrough the documents required for the following: 1) the HIPAA Privacy Rule; 2) the HIPAA Security Rule; and 3) the HITECH Breach Notification Rule.

HIPAA Survival Guide Radio
HIPAA Compliance: What documents must be tracked?

HIPAA Survival Guide Radio

Play Episode Listen Later Jun 15, 2012 45:07


This show (and the next few) will explore what documents you should be tracking within your organization to be HIPAA/HITECH compliant. The number of documents will likely surprise even experienced practitioners. We will take a methodical approach and walkthrough the documents required for the following: 1) the HIPAA Privacy Rule; 2) the HIPAA Security Rule; and 3) the HITECH Breach Notification Rule.

HIPAA Survival Guide Radio
HIPAA Compliance: OCR Audit Final Show

HIPAA Survival Guide Radio

Play Episode Listen Later Jun 8, 2012 45:00


This show will conclude our exploration of what you should expect from an OCR audit. We will conclude our review of the HIPAA Security Rule and start reviewing what to expect from a HITECH Breach Notification inquiry. 

HIPAA Survival Guide Radio
HIPAA Compliance: OCR Audit Final Show

HIPAA Survival Guide Radio

Play Episode Listen Later Jun 8, 2012 45:00


This show will conclude our exploration of what you should expect from an OCR audit. We will conclude our review of the HIPAA Security Rule and start reviewing what to expect from a HITECH Breach Notification inquiry. 

HIPAA Survival Guide Radio
HIPAA Compliance: What to expect from an OCR audit (Part 3)?

HIPAA Survival Guide Radio

Play Episode Listen Later Jun 1, 2012 44:56


  This show will continue to explore what you should expect from an OCR audit. We will conclude our review of the HIPAA Privacy Rule and start reviewing what to expect from a HIPAA Security Rule audit. Contrary to popular belief, audits are not these mystical "gotcha" exercises, but rather a methodical walkthrough of the following: 1) the HIPAA Privacy Rule; 2) the HIPAA Security Rule; and 3) the HITECH Breach Notification Rule.

HIPAA Survival Guide Radio
HIPAA Compliance: What to expect from an OCR audit (Part 3)?

HIPAA Survival Guide Radio

Play Episode Listen Later Jun 1, 2012 44:56


  This show will continue to explore what you should expect from an OCR audit. We will conclude our review of the HIPAA Privacy Rule and start reviewing what to expect from a HIPAA Security Rule audit. Contrary to popular belief, audits are not these mystical "gotcha" exercises, but rather a methodical walkthrough of the following: 1) the HIPAA Privacy Rule; 2) the HIPAA Security Rule; and 3) the HITECH Breach Notification Rule.

HIPAA Survival Guide Radio
HIPAA Compliance: What to expect from an OCR audit (Part 2)?

HIPAA Survival Guide Radio

Play Episode Listen Later May 25, 2012 44:48


  This show will continue to explore what you should expect from an OCR audit. Contrary to popular belief, audits are not these mystical "gotcha" exercises, but rather a methodical walkthrough of the following: 1) the HIPAA Privacy Rule; 2) the HIPAA Security Rule; and 3) the HITECH Breach Notification Rule. Auditors, by definition, have to deal with the "reality on the ground" which are the pertinent statutes and regulations. There are systematic ways to attack each of the Rules identified above and we will review those with our audience. We will also review strategies that can help you avoid a finding of "willful neglect."

HIPAA Survival Guide Radio
HIPAA Compliance: What to expect from an OCR audit (Part 2)?

HIPAA Survival Guide Radio

Play Episode Listen Later May 25, 2012 44:48


  This show will continue to explore what you should expect from an OCR audit. Contrary to popular belief, audits are not these mystical "gotcha" exercises, but rather a methodical walkthrough of the following: 1) the HIPAA Privacy Rule; 2) the HIPAA Security Rule; and 3) the HITECH Breach Notification Rule. Auditors, by definition, have to deal with the "reality on the ground" which are the pertinent statutes and regulations. There are systematic ways to attack each of the Rules identified above and we will review those with our audience. We will also review strategies that can help you avoid a finding of "willful neglect."