THE TOTAL HIPAA
Resource Library
Featured Articles
A Guide to the NAIC’s Insurance Data Security Model Law
In October 2017, the National Association of Insurance Commissioners (NAIC) established an Insurance Data Security Model Law and released it to states for legislative consideration. They used New...
Why Employers Need to be HIPAA Compliant
HIPAA compliance for employers is a complicated and nuanced topic. No employer group is the same when it comes to supplying health benefits to their employees. Smaller employers (fewer than 50...
Secure Remote Work During COVID-19
Jason Karn, Total HIPAA’s Chief Compliance Officer, recently interviewed Erik Kangas, founder and CEO of LuxSci. LuxSci provides email encryption, web hosting, forms, and secure sending services for...
HIPAA and Medical Records Retention Requirements by State
The Health Insurance Portability and Accountability Act (HIPAA) requires Covered Entities and Business Associates ...
Auditing Business Associates
Have you Audited your HIPAA Business Associates?
This question comes up frequently when we are working on HIPAA ...
Implementing HIPAA is More Than Meeting Government Regulations
Recently, I was on a vacation in Germany, and as I visited several medieval cities, I had two thoughts. First, ...
The FTC Act and HIPAA Protect the Same Information
You collect Personally Identifiable Information (PII) about your patients, employees and clients, which can be ...
Microsoft End of Support for 2017
Note: We update this list every year. To see the most recent version of this post, click here.
There are numerous ...
It’s Time to Report Small Breaches
Deadline for Reporting HIPAA Breaches Affecting Fewer than 500 Individuals – February 28, 2017
HIPAA breaches ...
Are You Prepared for Ransomware?
Both large and small businesses are warned about hackers getting into their files and demanding a ransom in order ...
HIPAA and Cloud Computing Part II
Health and Human Services (HHS), Office of Civil Rights’ (OCR) Phase 2 of the HIPAA Audit Program is scheduled to ...
Encrypting Devices
Most electronic devices come with the ability to encrypt the internal drive. Encrypting your data adds an extra ...
HIPAA Compliant Email Encryption Review
Covered Entities, Business Associates and Business Associate Subcontractors are required to protect the PHI they ...
OCR’s Phase 2 of HIPAA Audit Program Focuses on Business Associates
The Department of Health and Human Services’ (HHS) announcement that they will begin auditing Business Associates ...
Multi-Line Agencies and Privacy Requirements
It's important to train all staff in a multi-line agency on HIPAA Compliance
There is a great deal of crossover ...
Strong Passwords – Your Employees Most Important Contribution to Network Security
Are your passwords so easy that a seven year old can figure them out?
In 2012, Dropbox verified that the user ...
Update: Disaster Recovery
In the midst of tropical storm season, we want to remind you of the importance of a Disaster Recovery Plan. The ...
Bring Your Own Device (BYOD) Guidance
Bring Your Own Device, or BYOD, is when employers allow their employees to use their own electronic devices ...
HHS is Focusing in on Small Breaches
If you think HIPAA won’t be enforced for small breaches, think again. On August 18, 2016, OCR announced its intent ...
Update: Increase in Estimated Cost of a HIPAA Breach
With Phase 2 of HIPAA audits in full swing, many companies are worried about potential fines and penalties from the
How HIPAA Can Help Deter Hackers
The number of hacks and breaches that occur continues to rise exponentially. Though you may have security measures ...
Update: HIPAA Compliant File Sharing
There is an updated file sharing review blog here.
File sharing is a critical tool used by businesses and ...
Do You Have a Disaster Recovery Plan, and Have You Tested It?
As much as we hope every business is preparing a Disaster Recovery Plan (DRP) to deal with the growing ...
Take control of your compliance.
