800-810-1885
Home > Blog > Compliance

Category Archives: Compliance

Caswell to Speak at Healthcare Security Summit in Los Angeles on May 21

By Lara Bergman | Published: May 20, 2013
Michelle Caswell

Michelle Caswell

Sword & Shield Risk and Compliance Consultant Michelle Caswell is among an “all-star cast” of healthcare privacy and security experts scheduled to speak at the Healthcare HITECH Privacy and Security Summit on Tuesday, May 21 at the Hilton Universal City Hotel in Los Angeles.

The Los Angeles Chapter of the Information Systems Security Association (ISSA-LA) and the Healthcare Information and Management Systems Society (HIMSS) Southern California, have partnered to hold the summit, as part of the ISSA-LA Fifth Annual Information Security Summit, The Growing Cyber Threat: Protect Your Business. The events advance ISSA-LA’s core belief that, “It takes the village to secure the village.”

According to a press release issued by the groups, the Healthcare HITECH Privacy and Security Summit will bring together leaders in privacy and security within government and private industry for a day of collaboration, networking and presentations by leading privacy and security professionals. Attendees will learn from experts what they need to know to comply with new HIPAA/HITECH rules and OCR investigations.

The U.S. Department of Health and Human Services (HHS) published the rule January 17, which modifies the privacy and security, breach notification, and enforcement regulations, now a part of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) . Covered Entities and Business Associates must be in compliance with the final rule by Sept. 23.

Read More »

Also posted in Company News, Events | Leave a comment


Discovery of Confidential Records are Potential Identity Theft Danger

By Lara Bergman | Published: May 2, 2013

Sword & Shield Director of Enterprise Sales Chris Bevil tells WBIR that if confidential medical records that were found outside the now-closed Lakeshore Mental Institute were used for identity theft, it could have serious consequences.

At this point, it’s too soon to tell if this is in fact a security breach.

“We don’t actually know what happened with the information at Lakeshore. If it was actually breached and someone did take that information. There are several things per the HIPAA Breach Notification that would have to occur,” Bevil said.

Also posted in Security News | Leave a comment


Compliance and Forensics Experts Talk to Two Nashville Groups Thursday

By Lara Bergman | Published: April 17, 2013
Bill Dean

Bill Dean

Bill Dean, Sword & Shield’s director of computer forensics and security assessments, wants Nashville-area attorneys to understand how computer investigations work so that they know what information to request and how to obtain it, while Michelle Caswell, the company’s risk and compliance consultant, gives healthcare professionals the latest information on the new HIPAA Omnibus Rule on Thursday.

Dean will speak with attorneys in the Nashville Bar Association’s conference room from noon to 1:30 p.m. CST on Thursday, April 18. Registration begins at 11:30 a.m. and CLE credits are available.

“Electronic data can make or break a litigation case,” he said.

Dean will provide information regarding:

  • The value that digital forensics can provide
  • The  basics of cloud computing
  • The facts about Metadata: What is it? What information is and is not available from Metadata?
  • Why the delete key only entertains you; and,
  • The answers to key questions about cell phone forensics: What information is available? Where is it?
Caswell Headshot

Michelle Caswell

Caswell will discuss the U.S. Department of Health and Human Services’ major modifications to the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules at the Cool Springs Marriott in Franklin, TN from 11 a.m. to 1 p.m. CST on April 18.Topics to be discussed include:

  • Major changes in the Breach Notification standard
  • What policies and procedures need to be revisited based on the revised Rule
  • Amending your organization’s Notice of Privacy practices
  • Training workforce and promoting an overall sense of security
  • Forms that should be updated pursuant to the revised Rule
  • Ensuring that an updated risk assessment is in place
  • Revising Business Associate contracts
  • Direct liability of Business Associates
  • Civil monetary penalties

Register here.

Also posted in Company News, Computer Forensics, Events | Leave a comment


The New HIPAA Omnibus Rule and Your Business

By Lara Bergman | Published: March 25, 2013

Image for Our Feedburner FeedDo you know how the major amendments and additions to the HIPAA Omnibus Rule will affect your business?

Sword & Shield Risk and Compliance Consultant Michelle Caswell will tell you all you need to know at a complimentary lunch on Thursday, April 18 from 11 a.m. to 1 p.m. at the Franklin Marriott Cool Springs in Franklin, TN.

Register to learn about the U.S. Department of Health and Human Services’ major modifications to the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules.

Topics to be discussed include:

  • Major changes in the Breach Notification standard
  • What policies and procedures need to be revisited based on the revised Rule
  • Amending your organization’s Notice of Privacy practices
  • Training workforce and promoting an overall sense of security
  • Forms that should be updated pursuant to the revised Rule
  • Ensuring that an updated risk assessment is in place
  • Revising Business Associate contracts
  • Direct liability of Business Associates
  • Civil monetary penalties

Your registration also provides you with a chance to win one of two $50 gift certificates to the City House restaurant in Nashville. Sword & Shield is sponsoring the lunch and the presentation at no cost to the registrants.

Free Registration

An asterisk (*) indicates a required field.







Spam Protection – Enter this word: captcha
   Contact Form Powered By Best Contact Form







Also posted in Company News, Events | 1 Comment


Caswell to Teach New HITECH Omnibus Rules to North Georgia MGMA

By Lara Bergman | Published: March 13, 2013

Michelle Caswell

Sword & Shield Risk and Compliance Consultant Michelle Caswell will visit the North Georgia Medical Group Management Association (MGMA) for lunch Thursday, March 14 to provide MGMA members with information on the U.S. Department of Health and Human Services’ major modifications to the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules.

Director of Consulting Sales Chris Bevil also will be available to answer questions regarding services Sword & Shield offers to assist in complying with these new modifications.

MGMA members register here to attend. Lunch and the presentation run from 11:30 a.m. to 1 p.m. at the Dalton, GA Golf & Country Club and one hour of Continuing Educations Units is available.

Topics to be discussed:

  • Major changes in the Breach Notification standard
  • What policies and procedures need to be revisited based on the revised Rule
  • Amending your organization’s Notice of Privacy practices
  • Training workforce and promoting an overall sense of security
  • Forms that should be updated pursuant to the revised Rule
  • Ensuring that an updated risk assessment is in place
  • Revising Business Associate contracts
  • Direct liability of Business Associates
  • Civil monetary penalties
Also posted in Company News, Events | Leave a comment


HIPAA Consultant to Speak at Florida Healthcare Event

By Lara Bergman | Published: February 26, 2013

Sword & Shield HIPAA Compliance Consultant Michelle Caswell will speak to medical practice professionals at an after-hours event on Thursday, Feb. 28 from 5:30 to 8 p.m. at the Fairwinds Credit Union’s University Branch in Orlando, FL.

Caswell will educate Orlando healthcare specialists on the changes in HIPAA compliance for this year, including the Department of Health and Human Services (HHS), Office of Civil Right’s (OCR) plans to bring about “sweeping changes” toward HIPAA compliance. Leon Rodriquez, the HSS director, has promised that the introduction of the HITECH Omnibus Rule requiring the need for regular risk assessments, contingency plans, new policies and procedures and staff training will be enforced.

Sword & Shield, along with Fairwinds Credit Union and Secure Health Systems, are sponsoring the event. Food and beverages will be served.

Other topics include “Physician-Owned Practice Management,” “Your Practice – Your Investment,” and “Pros and Cons of ACOs (Accountable Care Organizations).”

Orlando-area professionals who wish to attend the event, should visit the Secure Health Systems’ “Events” page to register for the event.

 

 

 

Also posted in Company News, Events | Leave a comment


HITECH Omnibus Rule Overview Lunch and Learn February 19

By Lara Bergman | Published: February 4, 2013

Join Sword & Shield Risk and Compliance Consultant Michelle Caswell for lunch on Tuesday, Feb. 19 to discover the U.S. Department of Health and Human Services’ major modifications to the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules in the Federal Register.

The lunch runs from 11 a.m. to 1 p.m. at the Knoxville Chamber of Commerce’s Market House Ballroom on Market Square. We will also offer participants the chance to win gift certificates to Tupelo Honey.

Topics to be discussed:

  • Major changes in the Breach Notification standard
  • What policies and procedures need to be revisited based on the revised Rule
  • Amending your organization’s Notice of Privacy practices
  • Training workforce and promoting an overall sense of security
  • Forms that should be updated pursuant to the revised Rule
  • Ensuring that an updated risk assessment is in place
  • Revising Business Associate contracts
  • Direct liability of Business Associates
  • Civil monetary penalties

Free Registration

If you can’t see the registration form in your RSS reader, click here.

An asterisk (*) indicates a required field.
First Name*
Last Name*
Organization
Email*
Telephone*
Your State
Message

Spam Protection

 Enter this word: captcha
Also posted in Events | Tagged | 4 Comments


HHS announces first HIPAA breach settlement involving less than 500 patients

By Lara Bergman | Published: January 3, 2013

The Hospice of North Idaho (HONI) has agreed to pay the U.S. Department of Health and Human Services’ (HHS) $50,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.  This is the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500 individuals.

The investigation conducted by the HHS Office for Civil Rights (OCR) followed a breach report submitted by HONI as required by the Health Information Technology for Economic and Clinical Health (HITECH) Act reporting the theft of a laptop computer containing the ePHI of 441 patients.  Over the course of the investigation, OCR discovered that HONI had not conducted a risk analysis to safeguard ePHI.  Further, HONI did not have in place policies or procedures to address mobile device security as required by the HIPAA Security Rule.  Since the June 2010 theft, HONI has taken extensive additional steps to improve their HIPAA Privacy and Security compliance program.

Read the complete story here.

Sword & Shield provides a number of services to ensure your organization complies with the HIPAA Security Rule, including a risk analysis that explains the risks associated with protecting your ePHI. For more information, visit our HIPAA Compliance page.

Also posted in Security News | Tagged , | Leave a comment


Company Healthcare Security Consultant to Speak at HIMSS Northwest Conference

By Lara Bergman | Published: November 12, 2012

Sword & Shield Enterprise Security Regional Sales Consultant Manager Bowe Hoy will speak with members of the Northwest Healthcare Information and Management Systems Society (HIMSS) on healthcare security breaches at the group’s Second Annual HIMSS NW Technology and Education Symposium in Bellevue, WA.

Hoy, a healthcare security consultant, will present “Healthcare Under Attack: Preventing, Detectiving and Responding to Security Breach Incidents” at 11:30 a.m. PST Tuesday, Nov. 13 at the Embassy Suites Hotel. The symposium begins today and runs through Tuesday.

The theme of this conference is “Connected Communities of Care”. Healthcare professionals from around the country join to learn how technology is advancing the healthcare reform movement toward accountability across the public, private, provider, payer, and patient communities.

Presenters will share their experiences, ideas, plans and breakthrough technologies – developed to help healtcare information managers improve the health and care of patients and the public. This conference focuses on what the managers know, what is underway, what is available, what has worked and what has not.

Sword & Shield helps customers understand the business risks associated with HIPAA and how an organization’s staff, policies, procedures, and technology compare with HIPAA security rule requirements.

Also posted in Events | Leave a comment


Sword & Shield Visits the NCRA Conference in Tampa, FL

By Lara Bergman | Published: November 8, 2012

Representatives of Sword & Shield Enterprise Security will be available at the National Credit Reporting Association’s 20th annual conference at the Saddlebrook Resort in Tampa, FL today and tomorrow, Nov. 8 and 9 to discuss our PCI and EI3PA assessment offerings.

Sword & Shield and the NCRA have partnered to provide member organizations access to discounted vulnerability assessments, risk and compliance assessments and rapid response plans.

Founded in 1992, the NCRA  is a national trade organization of consumer reporting agencies and associated professionals that provide products and services to hundreds of thousands of credit grantors, employers, landlords and all types of general businesses. NCRA’s membership includes two of every three mortgage credit reporting agencies in the United States that can produce a credit report that meets the requirements of Fannie Mae, Freddie Mac and HUD for mortgage lending. Additionally, our members produce reports for employment screening and tenant screening.

NCRA members must agree to comply with all federal and state applicable laws, including the Fair Credit Reporting Act, the Fair and Accurate Credit Transactions Act, and the Gramm- Leach-Bliley Act. These laws define the appropriate procedures for obtaining consumer and credit information, establishing the responsibilities and privacy protocols of the users and furnishers of consumer information.

Also posted in Events | Tagged , | Leave a comment