On September 23, 2013 the HIPAA Omnibus Rule went into effect. This rule provides further clarification to a complex set of requirements. It also defines some potentially catastrophic penalties associated with a Protected Health Information (PHI) or Electronic Protected Health Information (ePHI) breach.
Whether your company is a Business Associate, or a Covered Entity, the HIPAA Omnibus Rule has a significant impact on the policies and security measures in place for your hosting environments.
Our clients who handle ePHI data need to ensure they have a security strategy and documented processes in place to comply with the Breach Notification Rule, the Privacy Rule, and the Security Rule. It can be overwhelming.
Through our HIPAA Compliant Hosting and Cloud Services, Layered Tech is able to help health care businesses offload a significant amount of the IT and business controls related to a hosting environment that contains ePHI data.
If you are attending HIMSS14, we would like to talk with you about your security and compliance strategy relative to the HIPAA Omnibus Rule. Please stop by and visit us on the exhibition hall floor in booths 6488 and 6486.
If you are not attending HIMSS14, we would still like to engage in a discussion with you. Please fill out your information on the Contact Us form and we will follow up with you.
About the Author: As Regional Sales Manager for Layered Tech, Steve Chu (@stevendkchu) brings over 9 years of experience to the Payment and PCI Compliant Hosting industry. His background prior to Layered Tech was with HMS/Micros Systems, which provides a point-of-sale solution for the hospitality industry, and also with global IT consulting firm, Sogeti Capgemini.
With 2013 in the books, it’s time to look back at some of the biggest health information privacy blunders of the year. The list below represents the ten largest HIPAA data breaches as tracked by the U.S. Department of Health & Human Services (HHS), based on the total numbers of affected individuals.
While penalties haven’t been handed down and lawsuits settled, each of the below likely represent millions of dollars in fines and settlements. For example, during 2013 HHS handed out penalties ranging from $150,000 to $1.7 million. Potential class action lawsuits and the cost of providing fraud protection for those affected can quickly propel those costs into the tens of millions or even billions.
So on that happy note, let’s dive in!
Continue reading ‘Top 10 HIPAA Data Breaches of 2013′
Hi, I’m Steve Chu from Layered Tech. Next week I will be attending the iHT2 Health IT Summit in Austin, Texas along with Jeff Reich, Layered Tech’s Chief Risk Officer.
The Health IT Summit is one of several regional events conducted by the Institute for Health Technology Transformation (iHT2). We look forward to attending this summit and engaging in discussions about the rapid evolution of technology in the healthcare industry. Continue reading ‘iHT2 Health IT Summit Preview: Three Hot Topics’
There has been a great deal of innovation around automated provisioning, scaling and decommissioning of cloud services in the past couple of years. The primary driver of this innovation is the ability to easily consume cloud services and pay only for the services that are being used. Creating cloud servers and appliances has become a remedial task to the end user with point-and-click provisioning being performed via slick web portals, while modern day cloud orchestration systems do the heavy lifting on the backend provisioning of the services that were ordered.
Continue reading ‘Migration: One of the Most Overlooked Service Capabilities of a Cloud Provider’
It seems obvious that better trained employees will have a positive impact in any business. Yet, a recent survey by Accenture found that 35% of executives say they have not invested enough in training to develop the skills they need, and 64% anticipate loss of revenue due to this skill gap
Continue reading ‘Why Education and Certification Matters for Tech Service Providers’
I had the opportunity to attend and speak at recent KANAConnect events in the US and Europe. I was surprised and delighted at the breadth of discussion and focus placed on cloud computing and the forward-thinking direction of many of the attendees.
One thing that was quite clear and different from what I’d experienced at past KANA events was the overall mindset towards the cloud playing a larger role in the future growth plans of the majority of the companies in attendance.
Continue reading ’10 Reasons Why Migrating to the Cloud Makes Sense’
Your healthcare startup has just secured its second or third round of funding as you prepare to move your apps out of beta testing and into the marketplace. It’s a heady time; your team is filled with anticipation over the impact your solutions could potentially have on the lives of millions. That is, if you last long enough to overcome all the pitfalls and obstacles that startups are subject to. You need to keep one eye on your burn rate and make sure that you’re prioritizing every dollar spent.
Continue reading ‘Healthcare Startups, HIPAA Compliance, and Texas Hold ‘Em’
As Director of Compliance and Security services at Layered Tech since 2008, I have seen our Compliant Services business grow significantly during that time. With that growth, there has been a noticeable phenomenon related to our startup clients who have reached an attractiveness level high enough to become acquisition targets.
We are in a unique position to see this happen from start to finish. It is a behind-the-scenes supporting role where our economy of scale and simplified audit-service goals lend upward momentum. I have seen this happen several times, including with Layered Tech itself. It is a topic that deserves some background, so let me lay out an example of what I mean.
Continue reading ‘Startups That Fly – Layered Tech’s Role’
It can be difficult to prove whether a cloud or managed hosting provider is certified HIPAA compliant because today no formal process or status exists to verify that claim. The HIPAA Security Rule allows the use of any security measures that reasonably and appropriately implement its standards and implementation specifications. For health care innovators, this wiggle room can cause some uncertainty about whether their IT infrastructure is compliant and secure, or in danger of a costly HIPAA violation.
Continue reading ‘Hooray for HITRUST’
I’m excited to update you on the progress and status of Layered Technologies (LT) Inc. as we begin the fourth quarter of 2013.
Continue reading ‘Q4 Update From Layered Tech CEO Jack Finlayson’