Now that the election hype is over, I was kind of looking forward to things settling down with the crisp fall weather and a tiny break for Thanksgiving (which just crept up early it seems!) But now it looks like there is a post-election frenzy on key issues impacting security and compliance in the Healthcare field  just getting started – let’s talk Healthcare big dates.

December 14th – Just last Friday afternoon, the Department of Health and Human Services extended the deadline until Dec. 14 for states to submit plans to set up state-based health insurance exchanges under the health care law. Those states that want to partner with the federal government have until Feb. 15 to outline the duties the state government would handle in running the exchanges.

March 24, 2012 is behind us, but one can’t help but wonder when the so-called HIPAA “Mega Rule” will hit the streets.  Just in case you forgot:  the Office of Civil Rights (OCR) completed the draft rules on HIPAA/HITECH in March and then sent the draft to the Office of Management & Budget (OMB) for review prior to publication. OMB reviews are said to last up to 90 days, but it’s been almost 240 days so far, so the release is overdue. OCR packaged four rules into one under the title, “Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules”:

The final rules will include:

  • Modifications to the HIPAA    Privacy and Security Rules (namely making business associates and      subcontractors liable and responsible for security-rule compliance and the use and disclosures provision of the privacy rule)
  • Enforcement (new penalty levels)
  • Breach notification

Indeed the discussion continues.  I am pleased to say that Lynne Dunbrack, IDC HealthInsights, analyst will be joining CORE Security on an upcoming webcast.  She’ll cover current gaps in healthcare compliance mandates as well as challenges faced by mid-sized and small security teams at Healthcare organizations.  Lynne A. Dunbrack is a nationally recognized thought leader in the application of IT to the business problems of the health industry. Her understanding of industry needs is grounded in experience over the last 25 years working in a variety of positions in the healthcare field including her tenure at NaviMedix, Tufts and MA-SHARE, one of the first regional health organizations.  Lynne will give us an insider view on how teams are preparing for audits and what they are doing to contain costs.  I can’t give away all the details, so you’ll just need to tune in on Tuesday, November 27, at 2pm ET.   Click here to learn more:  http://ws.coresecurity.com/IDCHealthcareWebcast.html

Seema Sheth-Voss

Director of Solutions Marketing, CORE Security