Increased risk of ransomware attacks coupled with confusing guidance from regulators

How the OCR’s New Guidance Rule Re-Examines Ransomware

Posted by - August 29, 2016
A “breach” is defined as “the acquisition, access, use or disclosure of PHI in a manner not permitted under the HIPAA Privacy Rule.” In opposition to a traditional breach, ransomware causes the data to be too secure, even from its authors and users. The OCR’s guidance provides intel on the…
Who should take charge of data privacy?

Privacy is Too Important to Be Left to the Lawyers

Posted by - July 21, 2016
Privacy has become a critical business function. But companies go wrong when lawyers – rather than operations/IT and marketing personnel – take the lead. The nuts and bolts of privacy involve operational, technical and customer-engagement decisions – and it’s business leaders from these disciplines who must make and implement such…

Best of 2015: ACA Preparedness: Get Ready – The Train Is Coming

Posted by - December 29, 2015
Starting this year, employers with 50 or more full-time employees are required to provide affordable health insurance coverage under the ACA, and to track, manage and report the company’s health insurance data. Begin establishing a reliable and smart compliance tracking and reporting process now to stay on schedule to meet…

Do OSHA and HIPAA Rules Stand at Odds?

Posted by - October 20, 2015
Compliance managers understand the need for stringent protection of employee medical and health information. Managers may not understand, though, that in many cases, requirements to assemble information about workplace injuries and illnesses outweighs the need for such protections. So where do OSHA reporting requirements and HIPAA rules part ways?

ACA Preparedness: Get Ready – The Train Is Coming

Posted by - August 13, 2015
Starting this year, employers with 50 or more full-time employees are required to provide affordable health insurance coverage under the ACA, and to track, manage and report the company’s health insurance data. Begin establishing a reliable and smart compliance tracking and reporting process now to stay on schedule to meet…

The Hidden Nexus Between Compliance and Reputation

Posted by - December 11, 2014
The health care industry has been no stranger to the consequences - reputational and financial - of non-compliance over the past few years. The entities that have managed to maintain good standing with the OIG have also enjoyed a continued positive public reputation. Those that have been found guilty of…

Encryption: What Is It Good For? (Risk & Compliance)

Posted by - October 28, 2014
Data encryption seems to be top of mind for many corporations, and with good reason: high-profile data breaches prove to do significant damage in the way of reputational harm. Perhaps the answer isn't in better encryption, though, but instead better internal controls to keep users from being compromised and to…

As Same-Sex Marriage Gains Ground, Employers Must Keep Up

Posted by - August 7, 2014
Laws concerning same-sex couples and employer benefits are changing. U.S. v Windsor, a landmark case in 2013, was a huge win for those seeking equal rights for same-sex couples, and it has set the tone for many rulings since. For employers, the impact is significant, as their benefit plans and…

Tips to Keep the DEA Away

Posted by - June 19, 2014
Independent pharmacies have their work cut out for them when it comes to remaining compliant with ever-changing industry regulations. The mom and pop shops known for their personal service are subject to the same standards as their big-box counterparts. Here’s a rundown of DEA red flags and preventive measures to…