With HIPAA, HITECH and the FTC's Red Flags Rule, privacy and security officers are facing a collision of compliance obligations, reports HealthLeaders Media. A trio of experts offers advice on how to handle converging obligations. Breach prevention, they say, is critical. "Implement a three-step process to protect all patient information that includes plans for what to do before, during and after a security incident," says Andrew Blustein, a partner at Garfunkel Wild & Travis PC. The experts offer specific breach-prevention tactics, such as incorporating technical safeguards and educating employees. They also recommend conducting regular audits, creating an incident-response program and learning from breach incidents when they occur.
If you want to comment on this post, you need to login.