by Jillian Chubbuck | Mar 10, 2026 | Agents & Brokers, Blog, Business Associates, Dental Providers, Employers, General, Medical & Dental Providers, Medical Providers, Privacy, Security, Uncategorized
Artificial Intelligence is no longer a niche tool for tech startups. It is being deployed across the entire HIPAA spectrum: Business Associates (BAs) are using it for automated processing and data analytics, employer groups are utilizing it for plan management, and...
by Jillian Chubbuck | Mar 10, 2026 | Blog, Encryption, File Sharing, General, Privacy, Security, Training
Summary: To use Google Workspace with Protected Health Information (PHI), you must enter into a Business Associate Agreement (BAA) with Google. As of 2026, this process is handled digitally within the Google Admin Console. However, a signed BAA is only the first step;...
by Jillian Chubbuck | Feb 11, 2026 | Agents & Brokers, Business Associates, Employers, General, Medical & Dental Providers, Privacy, Security
At a Glance: OneDrive & HIPAA Compliance Is it compliant? Not by default. OneDrive requires an Enterprise-level subscription, a signed Business Associate Agreement (BAA), and specific security configurations to meet U.S. federal standards. 3 Key Requirements: Legal:...
by Jillian Chubbuck | Feb 3, 2026 | Agents & Brokers, Business Associates, Employers, General, Medical & Dental Providers, Privacy, Security
In the modern cybersecurity landscape, a simple firewall is no longer a sufficient barrier against sophisticated threats. As highlighted in the January 2026 OCR Cybersecurity Newsletter, system hardening has become an essential process for shrinking your “attack...
by Jillian Chubbuck | Jan 7, 2026 | Agents & Brokers, Business Associates, Employers, General, Medical & Dental Providers, Privacy, Security
For years, 42 CFR Part 2 has operated as a separate, more stringent set of rules than HIPAA. However, following the CARES Act, the HHS has issued a Final Rule to bring these two frameworks into closer alignment. The compliance deadline is February 16, 2026. It is...
by Jillian Chubbuck | Nov 5, 2025 | Agents & Brokers, Business Associates, Employers, General, Medical & Dental Providers, Privacy, Security
In today’s digital world, protecting sensitive information is not optional— it’s essential. Whether you’re a healthcare provider, insurance company, or business associate handling protected health information (PHI), you’ve probably heard of SOC 2 compliance and...
by Jillian Chubbuck | Oct 28, 2025 | Agents & Brokers, Business Associates, Employers, General, Medical & Dental Providers, Privacy, Security
In the world of healthcare and business operations, protecting Protected Health Information (PHI) is not a solo effort: it requires a unified, knowledgeable HIPAA compliance team. As a Covered Entity or Business Associate, the team you select is the backbone of your...
by Jillian Chubbuck | Oct 14, 2025 | Agents & Brokers, Business Associates, Employers, Medical & Dental Providers
The Health Insurance Portability and Accountability Act (HIPAA) continues to evolve, but one trend remains constant: the Office for Civil Rights (OCR) is aggressively enforcing compliance failures. In the modern, digitized healthcare environment, violations are rarely...
by Jillian Chubbuck | Oct 1, 2025 | Agents & Brokers, Agents and Brokers, Audit, Blog, Breach, Business Associates, Employers, General, Medical & Dental Providers, Privacy, Security
The question is simple, but the answer carries serious weight: Is a HIPAA Risk Assessment required? The short answer is an emphatic Yes. A HIPAA Risk Assessment, or Risk Analysis, is the single most critical and foundational requirement of the entire HIPAA Security...
by Jillian Chubbuck | Sep 25, 2025 | Agents & Brokers, Agents and Brokers, Audit, Blog, Breach, Business Associates, Dental Providers, Employers, Encryption, General, Medical & Dental Providers, Medical Providers, Privacy, Security, Training, Uncategorized
More Than Just Another Tech Headline The widespread 2025 data breach affecting users of Workday and Salesforce is far more than a distant technology problem; it is a critical and urgent case study for every healthcare provider, employer group health plan, health...
