OCIA New Product may help Organizations with Cyber Approach

All indicators are that 2017 will continue to see healthcare data come under attack as its value on the black market holds. That means that healthcare organizations can expect to remain prime targets for malicious cyberattacks. It doesn’t help that many healthcare organizations struggle with challenges that include outdated information systems and cybersecurity gaps, as … Read more

We would like to thank our clients for placing their trust in Apgar & Associates during 2016 and into 2017.  It’s been a good year for us and we have you to thank for it.  We wish you a very Happy Holiday Season and a prosperous New Year! Chris, Julia and Kevin

Security Incident Response Plan: Could you execute yours today?

We’ve talked about the importance of having a security incident (aka data breach) response plan in place, but according to the recent data breach preparedness study conducted by the Ponemon Institute (available via the Experian website), not many organizations feel like they could execute theirs effectively and “lack confidence” in it. Our recommendation for building … Read more

FTC Releases Mobile Health App Interactive Tool

New mobile health apps come on the market every day. Consumer use is prolific, with health providers, health plans, and employers with wellness plans either using or promoting their use to their patients or employees. That use opens the door to privacy breaches if the mobile health app developer doesn’t follow necessary privacy and security … Read more

Why can’t privacy and security compliance software be more like tax prep software?

As CFO and COO of our privacy and security compliance consulting firm, every year I’m on the receiving end of email promotions and pop-up ads for tax preparation software. DIY, guaranteed, “We’ll take the hit for the audit if it happens” software. I have to admit, if privacy and security compliance software were as comprehensive, … Read more

Cyberattacks & Ransomware: Federal Agencies Warn Healthcare Sector

The recent spate of healthcare provider ransomware cyberattacks has prompted federal agencies to alert the healthcare sector about precautions and also provide recommendations on how to handle. Many of these cyberattack origins appear to be in nation-states like China, Russia, and Eastern European countries.  The FBI has issued recommendations about ransomware cyberattacks, and “encourages healthcare … Read more

When does State law trump HIPAA?

When State law requirements are tougher than HIPAA, then it’s likely that the State law is the one you need to follow. When does it not? When it’s “contrary.” Then, it may be submitted for exemption – in other words, may be up for consideration to “trump” the federal regulations. However, it’s rare that a … Read more

Washington & Oregon Data Breach Notification Law Changes

Here in the Northwest, legislatures in both Oregon and Washington hold their regular sessions during the winter and spring of the year. In their regular sessions in 2015, both amended state laws related to data breach notification, which means your Incident Response Plan (IRP) likely needs updating. Washington state data breach notification law changes are … Read more

OCR Pre-Audit Survey Approved by Office of Management & Budget: Are you ready for Round 2 OCR HIPAA Audits?

I’ve been updating all about the permanent or “second round” of OCR HIPAA audits for a while now. The HIPAA Audit program was initially to launch near year-end 2014. Now, we’re seeing details of the program, even though we don’t know when the OCR HIPAA audits will actually begin. However, OCR is taking the first … Read more

OCR News: Single-location Pharmacy Pinged with Penalty & Corrective Action Plan

Remember a few years ago we wrote about When it Comes to HIPAA Violations, Size Doesn’t Matter? Then it was a small specialty physician practice in Arizona that was hit with a penalty – now it’s a Denver pharmacy, Cornell Prescription Pharmacy. A well-known single-location pharmacy serving the greater Denver metropolitan area, they’re being pinged … Read more