Header graphic for print
HealtHITechLaw HIPAA, HITECH and Beyond

Tag Archives: Security Rule

HHS HIPAA Security Risk Assessment Tool Now Available

Posted in Security

Many thanks once again to our colleague, Sylvia Brown, for her assistance in authoring this post. The Office of the National Coordinator for Health Information Technology (ONC), in collaboration with the U.S. Department of Health & Human Services (HHS) Office of Civil Rights (OCR), recently released a security risk asessment tool (SRA Tool) to assist entities… Continue Reading

HIPAA Final Rule Clarifies Business Associate Obligations

Posted in Rulemaking

Business Associates:  You’re on notice. When the Health Information Technology for Economic and Clinical Health Act (“HITECH”) was enacted nearly four years ago, business associates were aware that HIPAA compliance was going to be required of them – they were just not sure of the extent.  Historically, business associates have been required to comply with… Continue Reading

HIPAA Business Associate Becomes Target of State AG Enforcement

Posted in Business Associate, Enforcement

A recent complaint filed by the Minnesota State Attorney General against a HIPAA business associate seeks to recover statutory damages for multiple alleged violations of the HIPAA Security Rule.  Following last year’s HHS OCR enforcement targeting HIPAA covered entities, this latest HIPAA enforcement should place all business associates on notice that enforcement authorities have them… Continue Reading