Compliance is an Ongoing Process
The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) issued its first settlement under new OCR Director Jocelyn Samuels earlier this month. This latest settlement serves as a reminder that a successful privacy and security compliance program is an ongoing process. Samuels’ statements underscore the importance of monitoring information systems and conducting compliance audits. Samuels calls for entities to “review[] systems for unpatched vulnerabilities and unsupported software that can leave patient information susceptible to malware and other risks.” When it comes to data security, all organizations—from big box retailers to small start-up companies, from large health systems to small provider groups—need to continuously assess risks and vulnerabilities to their data and develop a plan for reducing the risk of a data breach. To continue reading, click here.
Close
Close
CAUTION - Before you proceed, please note: By clicking "accept" you agree that our review of the information contained in your e-mail and any attachments will not create an attorney-client relationship, and will not prevent any lawyer in our firm from representing a party in any matter where that information is relevant, even if you submitted the information in good faith to retain us.