Why Us?

We know the law and we know the web.

We help companies safely and securely do business on the web.

HITECH / HIPAA September 2011 Newsletter

HITECH Act Compliance is a Team Sport:  Is your team HITECH ready?

 September 2011 Issue No. 21
In This Issue
Products now available in the HSG Store
HITECH / HIPAA and the Cloud: what are the benefits and risks?
In the News

OIG continues to announce enforcement 



August 10, 2011; U.S. Department of Justice

Los Angeles Jury Convicts Two Church Pastors and Their Employee of $14.2 Million Medicare Fraud Scheme 



August 10, 2011; U.S. Attorney; Eastern District of Pennsylvania

Physician and Pharmacist among Those Arrested In Drug Conspiracy and Health Care Fraud Case http://go.usa.gov/Kwx


August 10, 2011; U.S. Attorney; Southern District of Florida

Miami Woman Is Tenth Person Arrested For Her Role In Leading $27 Million Health Care Fraud Conspiracy http://go.usa.gov/Kwx


August 10, 2011; U.S. Attorney; District of Maryland

Peninsula Regional Medical Center Agrees To Pay $1.8 Million To Resolve Allegations That It Failed To Prevent Medically Unnecessary Cardiac Stent Procedures By Dr. John R. McLean 



August 4, 2011; U.S. Attorney; Southern District of Texas 



HITECH Switch OnProducts now available in the HSG Store. 
We are also pleased to announce our Combo Package which includes:  
  1. Business Associate Agreement: HITECH Ready Model Contract
  2. Breach Notification Framework
  3. Breach Notification Policy
  4. The Security Rule Under HITECH: a Business Associate's Perspective
Save over $100.00 off the retail price. 

Buy Now...  

HIPAA Breach Notification Framework 

Our HIPAA Breach Notification Framework walks you through the process of analyzing security incidents to determine what actions you must take to ensure your response complies with the HITECH Breach Notification requirements. The Framework discusses HITECH breach compliance in simple terms and uses twelve flowchart diagrams to help you navigate the process. It also includes tools and templates that help "jump start" your breach notification compliance initiative.


 Buy Now... 


Our HIPAA Breach Notification Policy

This policy implements section 13402 of the HITECH Act which requires HIPAA covered entities and their business associates to provide notification following a breach of unsecured protected health information. The policy was derived from our HIPAA Breach Notification Framework and is included as a FREE gift that product


Buy Now... 

Business Associate Agreement: a HITECH Ready Model Contract

Our model Business Associate Agreement includes provisions that meet the requirements of HIPAA/HITECH and is fully annotated with links to the relevant statutory/regulatory authority that underpins each Contract clause. The Contract package also includes a complete "User's Guide," with a clause-by-clause explanation of the issues addressed in the Contract. 

Use discount code "HFBAA1" (without quotes) and save $40.00 off retail price

Buy Now...

The Security Rule Under HITECH:
a Business Associate Perspective
First Edition

The most important step for building a "good SR compliance story" is for the business associate to get started. The approach in The Security Rule Under HITECH is to build the story iteratively over time. Most business associates (large or small) will likely need help in creating the story. The framework discussed throughout this document provides a good road map to follow.

Buy Now...

HIPAA Survival Guide Third Edition

The Third Edition of the HIPAA Survival Guide updates various substantive text of the first two editions and adds completely new material. The HITECH Act has indeed proven to be transformational. In order to deal more effectively with its changing regulatory landscape we have decided to release an updated version available here and on Amazon's Kindle platform.

Buy Now...

Quick Links
HIPAA Lawyer
Join Our Mailing List
Interested in staying current on HITECH / HIPAA compliance issues? Click the "join our list" link above and receive your own copy of the newsletter each month.

Other Resources

HSG Logo 
Dear Carlos,

Welcome to the September 2011 HITECH / HIPAA Compliance Newsletter. 


We are pleased to continue the discount offer on our HITECH Ready Model Contract for our Newsletter subscribers only. The retail price of our Contract is being discounted from $129.95 to $89.95. This discount will be available until September 15th. Enter the discount code of "HFBAA1" (without the quotes) to realize the savings. We are also pleased to announce our Combo Package which includes four products with over $100 dollars in savings.


The featured article this month is entitled HITECH / HIPAA and the Cloud: what are the benefits and risks?


This article explores the healthcare industry's emphatic adoption of cloud computing and the benefits and risks of moving to the cloud, including those directly related to HITECH / HIPAA Compliance.

HITECH / HIPAA Newsletter 


HSG Announcements
HSG Logo
Want to ensure that you meet all the State I Meaningful Use Requirements so that you can legally attest in good faith when you register to receive your EHR incentives? Click here or on the image below for more information.
Apex Newsletter Banner 

Our EHR Library remains one of our most popular downloads. Here you will find content that will help you select the right EHR package for your practice or facility and other useful EHR collateral.
HITECH Switch On  

Stay Connected
Want to stay updated throughout the month? Follow Debbie on Twitter by clicking on the badge below.  If you would like to read more regarding the authors' views on HIT and compliance click here and here and subscribe to their blogs.  

Become a Fan
Follow us on FaceBook by becoming a fan of the guide and support the HSG by purchasing some HSG Wearables. Also, be sure to check out our HITECH Videos.

Advertising Opportunities
HSG is now welcoming advertisers to help support one of the most comprehensive and usable HITECH / HIPAA sites on the Internet. Our audience continues to grow as healthcare providers, both large and small, return to HSG again and again.
HITECH / HIPAA and the Cloud: what are the benefits and risks?
Webtones PointerThis article addresses the following: 


What is the cloud?    
HITECH / HIPAA NewsletterThe answer to this question is not as straightforward as it may seem because of the confusing jargon surrounding private clouds, public clouds, and community clouds. Here's a good overview of cloud computing. For the purposes of this article we are speaking of the benefits and risks associated with the public cloud. The public cloud is what most mid-size covered entities and business associates are likely to find economically feasible (i.e. only larger organizations have the economic clout to pursue the private cloud option).


Is the healthcare industry moving to the cloud?

Yes, the healthcare industry is moving to the cloud in a big way and we applaud the move. Cloud economics will contribute to bending the healthcare cost curve, although not nearly as much as creating a functional healthcare marketplace based on patient outcomes and transparent pricing (something we are not likely to see anytime soon).

Dr. Halamka does an excellent job in this post in making the argument as to why the healthcare industry has been slow (understatement) to adopt enabling technologies. Fundamentally, his argument can be summarized as a "structural" justification for slow adoption. The industry simply had no real incentive to adopt enabling technologies, the status quo worked just fine (not really) thank you very much.

However, now the industry is being pushed to change because of disruptive forces, not all of which are based on government incentives. So healthcare is being hit with a "perfect storm" of change and has decided to embrace cloud computing as part of its change strategy. The industry has not only embraced the cloud but put such a bear hug on it that healthcare is now the fasting growing IT verticle because of it


The movement of the healthcare industry to the cloud is unstoppable, but this should not obscure the real downside risks that must be managed as part of this process. Generally the risks are a direct result of losing control of mission critical applications and infrastructure. Before discussing the risks let's highlight the real benefits that the industry is likely to derive from cloud computing.


What are the benefits of cloud computing? 


Key Contract Sections The benefits of cloud computing in the healthcare industry are many, including:

  1. Fast and easy access to patient data anytime and anywhere.
  2. The potential to leverage best practices surrounding security and encryption.
  3. The availability of large and centralized de-identified data-sets available for multiple uses including predictive analytics.
  4. A robust communications infrastructure for home healthcare monitoring applications to plug into.
  5. A transaction/usage based pricing model for state of the art hardware and software that enables the distribution of previous fixed upfront capital costs more evenly across time.



About Us
HITECH Puzzles3Lions Publishing, Inc. is now the owner/operator of the HIPAA Survival Guide website and the official sponsor of this newsletter. Our mission is to bring you HITECH / HIPAA statutes and regulations in an easy to read and digestible format, products that help reduce the burden of compliance, and "news you can use" via our newsletter.

We take a partnering and collaborative approach to the marketplace. If you would like to see specific topics covered in this newsletter, or additional products, then please let us know.

Carlos Leyva, CEO
3Lions Publishing, Inc.


Contact us today