Audit & Compliance -

HIPAA, Security Incidents, and Reportable Events

May 11, 2023 Lazarus Alliance 0 Comment

Proactive HIPAA compliance consultants by Lazarus Alliance

In the interconnected world of digital health information, safeguarding Protected Health Information is paramount. Healthcare providers must legally follow the Health Insurance Portability and Accountability Act (HIPAA) to protect patient privacy and maintain trust, and this compliance includes understanding what it means to identify and deal with security incidents.

Among these, the concepts of security incidents, reportable events, and the implementation of the Breach Notification Rule are particularly critical. These aspects of HIPAA are at the heart of ensuring that health information remains confidential and that violations are promptly addressed and communicated appropriately.

This article explains the obligations of HIPAA-covered entities and their business associates under the Breach Notification Rule regarding reportable events. We will explore how to identify security incidents, determine their severity, ascertain if they constitute a reportable event, and understand the necessary steps for notification during a breach.

What Are the Proposed Rule Changes to HIPAA Coming in 2023?

May 3, 2023 Lazarus Alliance 0 Comment

Proactive HIPAA compliance experts by Lazarus Alliance

In response to changes in the medical industry due to COVID-19, the Department of Health and Human Services (HHS) and Substance Abuse and Mental Health Services Administration (SAMHSA) have put forth a Notice of Proposed Rulemaking to streamline how doctors can access mental health information.

This article will discuss this rule change and why it seeks to address the gaps between HIPAA disclosure and mental health information protections.

Lazarus Alliance Receives C3PAO Designation: A CMMC 2.0 Primer

Apr 20, 2023 Lazarus Alliance 0 Comment

Experienced NIST 800-171 controls implementation by Lazarus Alliance

In an era where cyber threats are constantly evolving, the importance of robust cybersecurity practices in the Department of War (DoW) supply chain can never be underestimated. The DoD relies on a vast network of defense contractors to support its mission, making protecting sensitive information in the supply chain a critical concern. In response to this need, the DoD introduced the Cybersecurity Maturity Model Certification (CMMC) as a comprehensive framework to enhance the security posture of defense contractors and minimize the risk of cyber threats and data breaches.

The original CMMC framework, while effective, raised concerns among industry stakeholders, particularly regarding its accessibility for small and medium-sized businesses that work with the DoD. As a result, the DoD revised and updated the framework, introducing CMMC 2.0 to address these concerns and streamline the certification process.

We’re discussing this critical security framework to mark the Lazarus Alliance receiving our CMMC Third-Party Assessment Organization (C3PAO) accreditation. This article will provide an in-depth look at the key changes introduced in CMMC 2.0, how defense contractors can benefit from the updated framework, and guidance on preparing for CMMC 2.0 certification.