Refreshing your HIPAA Security Rule compliance


Flask Data provides a one-stop cloud subscription for EDC, data management and statistics.

Clients frequently ask us questions like this.

Danny,

I have a quick question about our HIPAA compliance that we achieved back in early 2013. Since then  we have released a couple of new software versions and we are wondering to what extent we need to perform another security and compliance assessment.  Please let us know what sort of information you might require to evaluate whether or not a new HIPAA security rule assessment is required.

What about the upcoming changes in HIPAA in 2016?

Any software changes that increase the threat surface to attacks (new ports, new interfaces, new modules that use PHI) would be reason to take a look at your Security Rule compliance.
Re HIPAA 2016 – OCR is still making plans but it is almost certain they will be doing audits.    I believe that due to sheer size of the program – they will start with the biggest hospitals – I do not think that small medical device vendors will be on their radar – although the big guys that had serious adverse events will probably get audited (insulin pumps, implanted cardiac devices)
In general, if you are developing medical software that connects to the Internet or the mobile Internet – you should not wait 3 years between security assessments.  Make secure software development methdology part of the way you develop software and audit once/year or on any major release.
Danny

 

Related Posts Plugin for WordPress, Blogger...

Flask Data is a technology company with a strong people focus. We are a diverse group of computer scientists and clinical operations specialists based in Israel, the US and India. We are accomplished at providing our customers with the most effective way to achieve high quality clinical data and assure patient safety. There is no single solution that works for every clinical trial. We work hard to understand your unique situation. We work with your team to develop the best solution to achieve high quality clinical data and assure patient safety the same day you engage with patients.

Flask Data – same data data and safety solutions for clinical trials.

Contact us to learn more

Tell your friends and colleagues about us. Thanks!
Share this

Leave a Reply