Cisco Blogs


Cisco Blog > Healthcare

5 of 9 HIPAA Network Considerations

Over the last several weeks, I’ve been posting a blog series around nine HIPAA network considerations.

  1. HIPAA Audits will continue
  2. The HIPAA Audit Protocol and NIST 800-66 are your best preparation
  3. Knowledge is a powerful weapon―know where your PHI is
  4. Ignorance is not bliss
  5. Risk Assessment drives your baseline
  6. Risk Management is continuous
  7. Security best practices are essential
  8. Breach discovery times: know your discovery tolerance
  9. Your business associate(s)must be tracked

This week we focus on #5 – Risk Assessment drives your baseline.

Read More »

Tags: , , ,

4 of 9 HIPAA Network Considerations

The fourth consideration in this 9 HIPAA Network Considerations blog series, we look at whether ‘not knowing’ is a valid defense post-breach. Is Ignorance Bliss, or will that get you into trouble?

Remember, the HIPAA Omnibus Rule was released January 23, 2013, became effective March 26, 2013 with compliance to the updates se for September 23, 2013. Audits will also start up again for covered entities and business associates in late 2013 or early 2014. Read More »

Tags: , ,

3 of 9 HIPAA Network Considerations

Next in this 9 HIPAA Network Considerations blog series, I cover the third network consideration focusing on knowing where your PHI is.  Remember, the HIPAA Omnibus Rule was released January 23, 2013, became effective March 26, 2013 with compliance to the updates se for September 23, 2013.  Audits will also start up again for covered entities and business associates in late 2013 or early 2014.

Read More »

Tags: , , , , ,

Nine HIPAA Network Considerations

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Omnibus Final Rule, released January 2013, introduced some significant changes and updates. At the same time, over 100 HIPAA audits concluded in 2012. The Office of Civil Rights (OCR) released initial analysis of these audits in May 2013. The HIPAA Omnibus Final Rule and 2012 HIPAA audit results may influence how you run your network in the future. Here are nine network considerations that could impact your network and IT processes.

  1. HIPAA Audits will continue
  2. The HIPAA Audit Protocol and NIST 800-66 are your best preparation
  3. Knowledge is a powerful weapon―know where your PHI is
  4. Risk Assessment drives your baseline
  5. Risk Management is continuous
  6. Security best practices are essential
  7. Ignorance is not bliss
  8. Your business associate(s) must be tracked
  9. Breach discovery times: know your discovery tolerance

Each of these considerations will be explored in a nine-part blog series, posted on the healthcare blogs site.

Tags: , ,

2 of 9 HIPAA Network Considerations

Continuing the thread from the last blog where I discussed the first HIPAA network consideration, ‘HIPAA Audits will continue’, in this blog I’ll discuss the second network consideration on the list below.  Remember, The HIPAA Omnibus Final Rule, released January 2013, introduced some significant changes and updates.  The 2012 HIPAA audits concluded with some initial findings released from The Department of Health and Human Services (HHS) Office of Civil Rights (OCR).  These two events may impact how you govern your internal organization and network for patient privacy and protection of PHI.  The deadline for compliance with the updates to the HIPAA Omnibus Final Rule is September 23, 2013.

Read More »

Tags: , , ,