Recent Posts

Another HIPAA penalty for not conducting organization-wide security risk analysis

The University of Washington Medicine (UWM) has agreed to settle charges that it potentially violated the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule by failing to implement policies and procedures to prevent, detect, contain, and correct security violations. Affiliated covered entities must have

Read more

Office of Inspector General: OCR should strengthen its oversight of covered entities’ compliance with the HIPAA privacy standards.

OIG has recently completed a study of OCR’s HIPAA audit program and published the following recommendations: (1) OCR should fully implement a permanent audit program (2) OCR should maintain complete documentation of corrective action (3) OCR should develop an efficient method in its case-tracking system to search

Read more

2015 Meaningful Use Final Rule Released

The Centers for Medicare & Medicaid Services (CMS) and Office of the National Coordinator for Health Information Technology (ONC) has released final rules for 2015 Meaningful Use that simplify requirements and add new liabilities for providers. For the EHR Incentive Programs in 2015 through 2017, major provisions

Read more

Negotiating EHR Technology Contracts

Physicians and other healthcare providers continue to spend significant sums on new technology, including EHR and practice management systems, IT consultants, new medical equipment, etc.  Despite vendor promises, technology does not always live up to expectations or those oral promises.  Only a well negotiated technology contract will

Read more