Episode 421: What You Need to Know About Breach Reporting If Your Practice Was Impacted By The Change Healthcare Debacle
Group Practice Tech
English - June 14, 2024 12:00 - 19 minutes - 14.8 MBTechnology Business therapypractice Homepage Download Google Podcasts Overcast Castro Pocket Casts RSS feed
Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech.
In our latest episode, we’re updating group practice owners on the Change Healthcare breach.
We discuss recent guidance from the OCR (the Office of Civil Rights); how Change Healthcare is failing to meet their obligations as a HIPAA Business Associate and as a HIPAA Covered Entity; breach reporting requirements; 3 important pieces of good new for practice owners; how you can talk to clients about this; and whether we recommend preemptively reporting this breach on your own.
Listen here: https://personcenteredtech.com/group/podcast/
For more, visit our website.
Direct Resourcesfrom HHS and the OCR: "Change Healthcare Cybersecurity Incident Frequently Asked Questions" -- see FAQ #6 in particular
PCT ResourcesPCT CE Training: HIPAA Security Incidents & Breaches: Investigation, Documentation, and Reporting (1.5 legal-ethical CE credit hour on-demand, self-study video course)
HIPAA Risk Analysis & Risk Mitigation Planning service for mental health group practices -- care for your practice using our supportive, shame-free risk analysis and mitigation planning service. You’ll have your Risk Analysis done within 2 hours, performed by a PCT consultant, using a tool built specifically for mental health group practice, and a mitigation checklist to help you reduce your risks.
weekly (live & recorded) direct support & consultation service, Group Practice Office Hours
+ assignable staff HIPAA Security Awareness: Bring Your Own Device training + access to Device Security Center with step-by-step device-specific tutorials & registration forms for securing and documenting all personally owned & practice-provided devices (for *all* team members at no per-person cost)
+ assignable staff HIPAA Security Awareness: Remote Workspaces training for all team members + access to Remote Workspace Center with step-by-step tutorials & registration forms for securing and documenting Remote Workspaces (for *all* team members at no per-person cost) + more
Other Related & Relevant ResourcesJD Supra Article & Podcast from healthcare attorneys: "What to Do When Your Business Associate Suffers a Ransomware Attack"
Also see the Ransomware Breach Decision Tree
Wired Article: Medical-Targeted Ransomware Is Breaking Records After Change Healthcare $22M Payout