Monthly Archives: March 2011

OCR Seeks More Funding for HIPAA Enforcement

The Office for Civil Rights has requested $46.7 million in funding in its FY 2010 budget, with 76 percent of new funding to go toward enforcing HIPAA regulations, according to a Health Data Management news report

via OCR Seeks More Funding for HIPAA Enforcement | Healthcare Information Technology.

OCR Offers HIPAA Training for States Attorneys General | Hospital Financial and Business News

The Office of Civil Rights is offering HIPAA enforcement training sessions for States Attorneys General, aiming to aid them in investigating and seeking damages for HIPAA violations within their states, according to the U.S. Department of Health and Human Services.

via OCR Offers HIPAA Training for States Attorneys General | Hospital Financial and Business News.

OCR invites state AGs to gear up for HIPAA security crackdown – FierceHealthIT

The Office of Civil Rights (OCR) in the Department of Health and Human Services is expanding its fight against HIPAA security and privacy violations, as mandated by the HITECH Act. The OCR, a relatively small office with limited manpower, is now inviting the attorneys general of all 50 states to receive training in HIPAA enforcement.

via OCR invites state AGs to gear up for HIPAA security crackdown – FierceHealthIT.

New publication fundamentally changes federal information security risk management

Managing Information Security Risk: Organization, Mission, and Information System View (NIST Special Publication 800-39) provides the groundwork for a three-tiered, risk-management approach that “fundamentally changes how we manage information security risk at the federal level,” says Ron Ross, NIST Fellow and one of the principal authors of the publication.

via New publication fundamentally changes federal information security risk management.

HHS Puts Industry On Notice: OCR Is Serious About HIPAA Enforcement

HHS has now sent a clear message to entities bound by HIPAA – HIPAA must be taken seriously. Indeed, in the HHS press release related to the Mass General incident, OCR Director Georgina Verdugo indicated that entities bound by HIPAA must ensure they have an effective compliance plan in place in order to avoid enforcement penalties. Specifically, Verduga stated, “[w]e hope the health care industry will take a close look at this [Mass General Resolution] agreement and recognize that OCR is serious about HIPAA enforcement.

via United States, Pharmaceutical, Healthcare & Life Sciences, HHS Puts Industry On Notice: OCR Is Serious About HIPAA Enforcement – McGuireWoods LLP – 03/03/2011, Healthcare.