Audits are coming, and last year’s risk assessments will no longer cut it. We’ve identified seven issues HIPAA security and privacy officers should consider and address in 2015.
- Business associates
Get your business associates (BAs) on board and up to date because the HIPAA/HITECH Omnibus Final Rule of September 22, 2014, now requires covered entities to bring all BA agreements into compliance with modified rules that went into effect in the 2013 rules.
- Increasing number of breaches
Health care organizations continue to rely more heavily on automation to store and access information, but the sheer volume of breaches attests to the increased risks associated with this practice.
- State laws
Even as privacy and security officers begin to get comfortable with the updated HIPAA regulations, new state laws can create greater regulatory complexity.
- Meaningful Use regulations
Funding for Meaningful Use is tied to HIPAA risk assessment, so if you’ve taken federal Meaningful Use payments, an audit is likely.
- Mobile devices
Having access to sensitive information available on mobile devices is our way of life but is becoming increasingly dangerous.
- The Cloud
Cloud storage can increase the risk of being penetrated by hackers, often with help from inside.
- International crime rings
Criminal hackers are persistent and can penetrate even the strongest safeguards, but if your data is breached, you’ll be the one paying the fine.
These seven threats are real and important considerations when considering your risk assessment practices, but all hope is not lost. If you are committed to implementing and maintaining comprehensive, up-to-date practices, you’ll be able to meet security and privacy challenges with ease.
For more information, please download: “Privacy & Security Audits: How to Prepare and Ensure Compliance” from the editors of FierceIT.