Healthcare Compliance Archives

HIPAA for the Clinician, Part 4, What an OCR Investigation Looks Like

by Will Evertsen - May 20, 2026May 21, 2026 044

HIPAA for the Clinician, Part 4, What an OCR Investigation Looks Like will evertsen Introduction Most covered entities have a vague, uncomfortable sense that an OCR investigation is something to be avoided. Fewer still have a clear picture of what one involves, how it starts,

Your Completed Risk Assessment Just Became a Liability

by Will Evertsen - April 27, 2026 062

Your Completed Risk Assessment Just Became a Liability Will Evertsen Introduction A data breach hits your practice. OCR opens an investigation. You pull out your completed Security Risk Analysis, hand it over, and wait for the process to run its course. After all, OCR has

Small Practice, Big Target: Why Solo and Group Practices Are Healthcare’s Most Vulnerable Entities

by Will Evertsen - April 22, 2026April 22, 2026 0446

Small Practice, Big Target: Why Solo and Group Practices Are Healthcare’s Most Vulnerable Entities Will Evertsen Introduction You run a small practice. You see patients, manage a lean staff, keep the lights on, and do your best to stay current on clinical obligations. Cybersecurity, if

Your EHR Is Not Your Compliance Program

General Topics

by Will Evertsen - March 16, 2026March 20, 2026 0991

Your EHR Is Not Your Compliance Program The call to the EHR vendor’s support line goes something like this: A practice administrator has just received an OCR data request letter and is trying to figure out what documentation they need to produce. Somewhere in the conversation, they ask the support rep