8 min read

The 5 Best Ways to Protect ePHI

By Sean Doherty on 6/6/22 7:58 AM

Healthcare organizations can use these 5 strategies to secure electronic protected health information (ePHI). 

Topics: HIPAA Compliance Data Security Encryption ePHI Security Protected Health Information Protect ePHI HIPAA Security Rule What is ePHI
3 min read

15 Lessons Learned from a HIPAA Data Breach

By Rose Doherty on 7/25/18 1:14 PM

Implementing a strong HIPAA Compliance framework is a requirement for all Covered Entities and Business Associates, but many practices don't realize this is also their best strategy to prevent a breach from happening!   My hope is that understanding what the OCR will ask you for after a Data Breach will help you implement an IT security framework that will reduce your chances of ever experiencing a data breach.  

Topics: HIPAA Compliance Data Security IT Security cybersecurity ePHI Security HIPAA Risk Analysis
3 min read

Encryption Could Have Prevented Data Breach

By Rose Doherty on 2/9/16 3:27 PM

Encryption Could Have Prevented Centene's Data Breach of 950,000 Patient Records

Encrypted Devices with PHI can be lost or stolen and it is not considered a Data Breach.  Encryption is like a Get Out of Jail Free Card!  Health Insurance credentials sell for $20 each on the black market, but when supplemented with personally identifiable information (PII) such as birth date, place of birth, social security number, it can yield over $1000 per record.  These are scary times, and Centene, a St. louis based health insurer is the latest victim of a data breach that will make your head spin.  The worst part is that it could have been easily prevented with one simple and inexpensive security measure.

Topics: HIPAA Compliance Data Security
3 min read

15 Things the OCR Will Ask For After a Breach.

By Rose Doherty on 1/6/16 3:00 PM

Implementing a strong HIPAA Compliance framework is your best plan to prevent a breach. Understanding what the OCR will ask you for in the event of a Data Breach, and preparing all of this documentation ahead of time will give you a very good head start on HIPAA Compliance and may just prevent you from experiencing a breach.

Topics: HIPAA Compliance
2 min read

What is a Business Associate?

By Rose Doherty on 1/4/16 1:55 PM


The HIPAA Privacy Rule allows covered entities and health plans to disclose protected health information (PHI) to business associates, but only if the business associate signs a Business Associate Agreement in which it assures that it will appropriately safeguard the PHI it receives or creates on behalf of the covered entity.  So, which of your vendors need to sign a B.A. Agreement?  Here is a helpful list of vendors that need to sign your Business Associates Agreement.  You may be surprised!

Topics: HIPAA Compliance
2 min read

Cyber-Security Requires Training Employees

By Rose Doherty on 12/14/15 8:00 AM

Hackers are getting more sophisticated every day, and the ways they lure you to give them access to your computer are downright devious.  It is important that all employees are aware of these simple rules that will help prevent intruders from accessing your computer network. 

Topics: Security HIPAA Compliance Internet Security IT Security