HIPAA for the Clinician, Part 4, What an OCR Investigation Looks Like will evertsen Introduction Most covered entities have a vague, uncomfortable sense that an OCR investigation is something to be avoided. Fewer still have a clear picture of what one involves, how it starts,
Tag: OCR audit
HIPAA for the Clinician, Part 3 Business Associate Agreements – What They Must Contain and Why Most Don’t
What the Change Healthcare Attack Should Have Taught Every Covered Entity
What the Change Healthcare Attack Should Have Taught Every Covered Entity will evertsen Introduction On February 21, 2024, Change Healthcare went offline. The ransomware attack that took it down was not subtle. Within hours, claims processing across thousands of practices, hospitals, and pharmacies ground to
HIPAA for the Clinician, Part 2: The Security Risk Analysis You’re Probably Not Doing Correctly
HIPAA for the Clinician, Part 2 The Security Risk Analysis You’re Probably Not Doing Correctly Will Evertsen Introduction The questionnaire arrives in your inbox from your EHR vendor. It’s labeled something like “Annual HIPAA Security Assessment” or “Compliance Review Checklist.” You spend twenty minutes clicking
