Risk Assessment

Med Jacking

Risk Assessment is the core requirement for achieving HIPAA Security compliance. This risk assessment tries to identify and mitigate sources for ePHI data loss in your network. While PCs, laptops, servers, PDAs, network printers and other network devices may be obvious points of failure, you should also include medical devices in your assessment.

Medical devices can be either wireless or wired. They can be broken down into four general categories: consumer health monitoring, wearable, embedded and stationary ...

Continue Reading
0

Audited? OCR Will Look First for Your Risk Assessment

If you’re audited, the first piece of documentation the OCR auditor will ask for is your risk assessment. The second thing they’ll require is your risk mitigation action plan. Will you be able to produce these documents in any meaningful form?

At a recent NIST (National Institute of Standards and Technology) and OCR (Office of Civil Rights) conference, OCR Director, Jocelyn Samuels, reviewed key requirements for CE (Covered Entities) and BA (Business Associates). OCR will “want to see … policies and ...

Continue Reading
0