Health Information Compliance Alert
Ohio Implements Safe Harbor Law for Cybersecurity
In another case of the states supporting data security best practices, Ohio has upped its game. The Buckeye State has enacted a safe harbor law that protects businesses that implement strong cybersecurity protocols. “Effective Nov. 2, 2018, Ohio’s Data Protection Act (DPA) has been supplemented with an incentive-based mechanism to strengthen cybersecurity business practices,” write attorneys Allen O’Rourke, Theodore F. Claypoole, and Alysa M. P. Austin of Womble Bond Dickinson, LLP in legal analysis. “Specifically, it offers a safe harbor against data breach lawsuits for businesses that implement, maintain and comply with an industry-recognized cybersecurity program (S.B. 220).” Organizations that take the protection of personal information seriously may have a fallback, depending on the stringency of their programs, according to the Ohio Data Protection Act (DPA) guidance. However, the DPA does require that cybersecurity protocols keep in line with other mandates such as HIPAA or the National Institute of Standards and Technology (NIST) frameworks in order for safe harbors to apply. Read the DPA details at www.legislature.ohio.gov/legislation/legislation-summary?id=GA132-SB-220.
Health Information Compliance Alert
- HITECH:
RFI Spells Trouble for Breached Practices in the Future
Feds look at ways to quantify HIPAA breaches — and pay patients for lost PHI. [...] - Telemedicine Roundup:
Virtual Care Goes Mainstream in 2019
Telehealth services are at the intersection of many new policies. There’s no denying that technology [...] - Cybersecurity:
Pocket This Charity Advice to Sidestep Scams
Tip: Do your research before your practice donates cash. Helping a worthy charity or bolstering [...] - Toolkit:
Beef Up Your Cybersecurity With This New Tool
Hint: Calculate your practice risk and manage it. Under the provisions of the HIPAA Security [...] - Reader Question:
Cut Down On Identity Theft With Proper PHI Disposal Protocols
Question: Our primary care practice is relocating to another office with more space, and we’re [...] - Enforcement News:
Anthem's HIPAA Settlement With OCR Biggest in History
As 2014 ended and 2015 began, private payer, Anthem, Inc., suffered the biggest HIPAA violation [...] - Enforcement News:
Ohio Implements Safe Harbor Law for Cybersecurity
In another case of the states supporting data security best practices, Ohio has upped its [...]