The 2025 Workday & Salesforce Breach: A HIPAA Wake-Up Call for Vendor Management
More Than Just Another Tech Headline The widespread 2025 data breach affecting users of Workday and Salesforce is far more than a distant technology problem; it is a critical and urgent case study for every healthcare provider, employer group health plan, health...
The Ultimate Guide to Making a Company HIPAA Compliant
In today’s interconnected world, safeguarding sensitive information is paramount, especially in healthcare. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law designed to protect an individual’s Protected Health Information...
HIPAA Access Control: Safeguarding ePHI and Protecting Your Business
In today’s digital world, protecting sensitive data is paramount. This is especially true for organizations that handle electronic Protected Health Information (ePHI), whether you’re a healthcare provider, a business associate, or even an agent or broker...
Understanding the Common Agency Provision in HIPAA – aka “Basis for a Civil Money Penalty,” or 45 CFR § 160.402
Who does this apply to? In the extensive world of rules and regulations related to HIPAA, it’s crucial to have a clear grasp of specific rules for both legal and ethical reasons. Section 45 CFR § 160.402 is often referred to as the “Common Agency...