One of the areas we are required to evaluate on every HIPAA audit or compliance assessment is whether our client is compliant with HIPAA’s record retention requirements.
Tag: Risk
Information Security Risk Management Tips
Some people may not believe this, but information security’s purpose is, or should be, to serve the business and help the company understand and manage its overall risk. Sure, there are some security professionals that appear to have the goal of spending as much money as possible and getting the latest and greatest software, and there are also some that like to say “no”…for everything…all the time, but the good ones are there to help.
Advantages of Investing in a SOC 2 Report
Obtaining a SOC 2 report requires an investment of both time and money for a service organization and, at some point, might seem like more work than it’s worth. However, the advantages to obtaining a SOC 2 report far outweigh the initial investment.
Patch Management and HIPAA Compliance
You won’t find the words “Patch Management” in the HIPAA Security Rule, but given recent action taken by the US government agency that enforces HIPAA compliance, it’s there.
Increased Need for Information Security Governance
Recent breaches highlight the need for increased information security governance.
The 10 Generally Accepted Privacy Principles
The ten generally accepted privacy principles that are essential to the proper protection and management of personal information are:
Top 5 HIPAA Compliance Gaps to Avoid
Healthcare providers, payers, exchanges, and many service providers to the healthcare industry are under increased pressure to demonstrate their compliance with the security and privacy requirements of HIPAA.
So Many Terms…What Do They All Mean?
It is easy to feel overwhelmed by all of the terminology surrounding an audit. Here is a list of frequently used terms and their meanings: