Products now available in the HSG Store.
HIPAA Breach Notification Framework
Our HIPAA Breach Notification Framework walks you through the process of analyzing security incidents to determine what actions you must take to ensure your response complies with the HITECH Breach Notification requirements. The Framework discusses HITECH breach compliance in simple terms and uses twelve flowchart diagrams to help you navigate the process. It also includes tools and templates that help "jump start" your breach notification compliance initiative.
Business Associate Agreement: a HITECH Ready Model Contract
Our model Business Associate Agreement includes provisions that meet the requirements of HIPAA/HITECH and is fully annotated with links to the relevant statutory/regulatory authority that underpins each Contract clause. The Contract package also includes a complete "User's Guide," with a clause-by-clause explanation of the issues addressed in the Contract.
The Security Rule Under HITECH: a Business Associate Perspective First Edition
The most important step for building a "good SR compliance story" is for the business associate to get started. The approach in The Security Rule Under HITECH is to build the story iteratively over time. Most business associates (large or small) will likely need help in creating the story. The framework discussed throughout this document provides a good road map to follow.
HIPAA Core Training Combo
This package includes the Breach Notification Simplified Training Module, the HIPAA Privacy Rule under HITECH Training Module, the HIPAA Security Rule Under HITECH Training Module and the HITECH and HIPAA Compliant Training Module, all in one Combo Package. Buy all 4 for a little more than the price of 3.
Dear Carlos,
Welcome to our May 2014 HIPAA Compliance Newsletter.
Our article this month is entitled: Exploding HIPAA Myths!
HIPAA Survival Guide Subscription Plan
Risk Assessments: A Common Sense Approach.
Date/Time
Thursday May 22, 2014 2:00 PM - 3:30 PM EDT
HSG Announcements
Join the Conversation
The HIPAA Survival Group on LinkedIn continues to be the go-to place for meaningful discussion of HITECH / HIPAA issues. You will find many industry thought leaders and insiders sharing their views on the evolving compliance landscape.
Stay Connected
Want to stay updated throughout the month? Follow Carlos on Twitter. If you would like to read more regarding the authors' views on HIT and compliance, subscribe to their blogs. Follow us on Facebook by becoming a fan of the HIPAA Survival Guide. Also, be sure to check out our HITECH Videos.
This article discusses a number of HIPAA misconceptions that keep coming back like the proverbial "bad penny." Compliance with the regulations is far from trivial; however, it is not nearly as complex or expensive as some in healthcare would have you believe. There are too many healthcare stakeholders who would rather delay, defer, or refuse to comply altogether. The industry as a whole would be far better off embracing the fact that privacy and security are now a cost of doing business, and simply getting on with it.
Little progress would have been made in online banking had the banks not treated privacy and security as mission critical. But healthcare doesn't require the kind of security that a bank does, right? Well, that may have been true prior to the HITECH Act, when HIPAA was a paper tiger. However, now that a major breach can cost a covered entity ("CE") or business associate ("BA") millions, it is high time to stop the resistance. Resistance is futile. Furthermore, the ROI on a resistance strategy is negative (i.e. it really sucks).
Wetware v. Software?
Wetware is "biological gray matter in a fixed medium" suitable for other humans to consume. Wetware is not the same thing as software. Wetware is what you need to KNOW in order to comply with HITECH / HIPAA. You will NEVER get the required Wetware from HHS, NIST or any other government agency. Government, at best, will attempt to clarify what the requirements are. For subtle but otherwise obvious reasons, Government is not going to tell you HOW to comply. Wetware, when done correctly, is a knowledge transfer vehicle. Its focus is on education.
Software, on the other hand, is where you store and manage your visible, demonstrable evidence ("VDE") of compliance. When compliance software is done correctly, it should be much more than a glorified file repository. It should help you to effectively manage your HITECH / HIPAA compliance initiative. Software without Wetware is an empty container!
Caveat CE and BA: compliance Software is often sold as Wetware! Compliance Software vendors are generally not in the business of keeping up with the latest updates to the regulations. They are in the business of providing features and functions that help you manage compliance. Both Wetware and Software have a place, but be sure you know what it is you are buying.
Agile v. Heavyweight Methodologies?
Navigating the regulatory maze has proved daunting for organizations of all sizes, now confronted with HIPAA 2.0, which is no longer a paper tiger. The methodology that you select will likely make the difference between success and failure. Unfortunately, most organizations are unaware that they are selecting a methodology when launching a compliance initiative, let alone selecting the wrong one.
About Us
3Lions Publishing, Inc. is now the owner/operator of the HIPAA Survival Guide website and the official sponsor of this newsletter. Our mission is to bring you HITECH / HIPAA statutes and regulations in an easy to read and digestible format, products that help reduce the burden of compliance, and "news you can use" via our newsletter.
We take a partnering and collaborative approach to the marketplace. If you would like to see specific topics covered in this newsletter, or additional products, then please let us know.
Carlos Leyva, CEO 3Lions Publishing, Inc.
(800) 516-7903