I wrote a blog almost exactly one year ago that outlined the years of regulatory attempts to increase cybersecurity by requiring disclosures of risk factors, strengthening Board oversight and various legislation related to cyber security. It’s...
Mary Chaput

Recent Posts
An Update on OCR activities- March 2018
Marianne Kolbasuk McGee just reported that Roger Severino, HHS OCR Director, has told ISMG that there will be no Phase 3 HIPAA compliance audits, rather the information gleaned from the Phase 2 Audits will be analyzed for “putting them into a...
Insights and Updates: The Latest OCR News
Update on Budget Cuts: Following a $4 million increase (10%) in its 2017 budget to $43 million, OCR is facing a $5 million cut to $38 million in 2018…and with President Trump’s most recent proposal, that amount could be cut to $33 million. With...
A Cost-Effective Solution for Strengthening Cybersecurity
Originally published by Healthcare Financial Management Association
Call for State Privacy Laws to Align with HIPAA
In December 2016, the National Governors Association (NGA) released a report calling for improvements in the exchange of clinical information among healthcare providers in different states. Current conflicting and restrictive state laws, in...
Chaos in Data Transfer Laws between the EU and US
In 1995 the EU adopted the Data Protection Directive regulating the exchange of personal data within the European Union and requiring the prohibition of those flows to third countries with inadequate privacy protection. In July of 2000, the...