Have you just experienced a ransomware attack or other cybersecurity incident, you may be wondering what to do next? Fortunately, the HHS, Office for Civil Rights (OCR) has provided a quick response checklist that explains step by step what a HIPAA covered entity or its business associate should do in response to an incident. In...
As we get ready to embark upon the holidays, the team at MedSafe would like to take a moment to thank all of our clients who have dedicated their lives to making a difference. While the majority of us will be enjoying holiday festivities with family and friends, many of you will forego time with your...
It’s no secret that we are in the peak of flu season! Whether you are a nurse, primary care physician, or healthcare professional you are not only susceptible to the virus itself, but you also play a significant role in helping to protect patients against influenza. The CDC recommends that all healthcare workers get vaccinated...
According to the HIPAA Breach Notification Rule, all covered entities and their business associates are required to report any breach of protected health information. It is essential to understand and implement all breach notification requirements or risk incurring financial penalties as high as $1,500,000 from state attorneys general and the HHS’ Office for Civil Rights....
As we move towards the end of the year, many practices and physicians are starting to consider the data they will need to submit under the MACRA/MIPS program. The MACRA/MIPS rules change slightly every year, and this year is no exception. Even though the rules have been adjusted, a basic requirement remains in place: You...
According to the Health Insurance Portability and Accounting Act of 1996 (HIPAA) Security Rule covered entities (CEs) and business associates (Bas) that have access to electronic personal health information (EPHI) are required to implement safeguards necessary to protect it. This includes but is not limited to, conducting a security risk analysis to meet the standards...
Under the HIPAA security rule, HIPAA covered entities (CEs) and business associates (BAs) are required to protect their electronic personal health information (ePHI), which typically involves identifying and mitigating software vulnerabilities that could put (ePHI) at risk. It also includes conducting a risk analysis, and implementing actions that will reduce these risks. Mitigation activities may...
The State of New York has signed into law a bill designed to prevent sexual harassment in the workplace. The sweeping new legislation includes the requirement of sexual harassment policies and sexual harassment training for New York State employers. Those organizations who do not have prevention guidelines, anti-harassment policies, and training programs in place should...
Healthcare organizations nationwide remain focused on their IT security, as more and more cyberattacks wreak havoc across the industry. Within the last two years, nearly 50% of companies have experienced a data breach, and the severity of these attacks appear to be getting worse. According to a recent survey conducted by Poneman Institute, healthcare and...
In 2016, the FBI released a public service announcement warning that “business email compromise (BEC) scams have increased by 1,300% since 2015 and have cost businesses more than $3 billion. Making it a significant threat that businesses should be aware of to reduce the likelihood of becoming a victim. What is BEC? BEC is a...
