Protecting patient information is a crucial and necessary part of healthcare… but so is communicating effectively with patients. Considering that email continues to be the most common form of electronic communication, it stands to reason that providers meet patients where they are.

However, HIPAA regulations have rather strict requirements for protecting PHI, and plain email just doesn’t cut it. Here, we’ll discuss how to effectively use email to engage with patients without breaking compliance.

Audit Machine Awareness

The HIPAA Security Rule and Risk Management

Apr 7, 2022 Continuum GRC 0 Comment

The Healthcare Insurance Portability and Accountability Act (HIPAA) is one of the more complex regulations in the U.S., due in no small part to the complicated and open-ended nature of the law.

What should companies do? In this case, covered organizations are turning to risk-based assessments to help them support their security approaches.

Here, we will discuss how risk plays a role in the rule of HIPAA law.

Awareness Frameworks Resources

What Your MSP Should Know About HIPAA Compliance

Apr 8, 2021 Continuum GRC 0 Comment

The complexity of healthcare service demands robust technical infrastructure. Advances in patient treatment, research, diagnostic tools and even predictive analytics and AI have pushed technologies available to healthcare providers, which means that these organizations turn to expert providers to give them new tools and features to revolutionize their patient care models. This increased reliance on Cloud Service Providers (CSPs) or a Managed Service Providers (MSP) means that these organizations must rely on HIPAA-compliant technologies, which means counting on HIPAA-compliant vendors to provide them.

Here, we discuss why HIPAA compliance is so important to MSPs, and why MSPs must not only be compliant but work with security experts and compliant partners as part of their operations.