Yearly HIPAA Security Reviews are critical to meeting compliance requirements of all organizations under the HIPAA umbrella, either directly or via being a Business Associate. We have found that many organizations, especially the smaller ones, do not place much emphasis on these reviews, skip them, ignore them, or hope that they go away. They treat them as a necessary “check mark” rather than an active process that is instrumental to maintaining security and preventing the breaches that been cropping up all over the news.
Solid Security Reviews improve your company’s inherent security posture and awareness and the security of all services you employ through all vendors … including your secure email and secure forms. I.e. the security of your outsourced services can be compromised if your own systems are compromised.
As such, LuxSci proactively recommends all HIPAA customers and all customers with similar needs, to undergo yearly security reviews. One excellent organization that performs these is Security Compliance Associates.
Today we are interviewing Randy Homa, Senior Vice President and Director of Health Care Services, at Security Compliance Associates (SCA). He will address many of the questions we have had posed with respect to HIPAA Security Reviews.
Read the rest of this post »