(Journal of Healthcare Information Management – (JHIM) – Spring 2013 – Used by permission from HIMSS). We should all know by now that the Office for Civil Rights (OCR) has been mandated to audit all HIPAA Covered Entities (CEs) and Business Associates (BAs), and we now know the main ingredients of the audits, the protocols, which are subject to change over time based on audit results. All CEs and BAs should begin a process now to prepare for an OCR audit based on the most current protocols. Why? Because once the OCR notifies you that your organization will be audited, you only have a couple of weeks to prepare.

Mobile Devices Are Here to Stay, But Challenges Remain
(Journal of Healthcare Information Management – (JHIM) – Summer 2012 – Used by permission from HIMSS). “The use of portable devices, especially the iPhone and iPad are turning physicians into iDocs. These consumer tools are moving into the healthcare environment at a break neck speed! We have seen increased usability. That is good. But, we also have seen increased security risks. That is bad”.

How to Prepare for a HIPAA – HITECH Audit
(Journal of Healthcare Information Management – (JHIM) – Spring 2012 – Used by permission from HIMSS). Covered entities (CEs) and business associates (BAs) can now clearly see the “HIPAA police” up ahead on the “side of the road”.

(Journal of Healthcare Information Management – (JHIM) – Fall 2011 – Used by permission from HIMSS) A question that we have been asked by a number of our clients over the past six (6) months is: “What do we really need to do for Meaningful Use (MU) Stage 1 in regards to information security risk analysis?”