One of the biggest sore spots in HIPAA compliance has been providing individuals with their right to access their medical records. In addition to the countless anecdotal accounts about the painful process of getting medical records, a recent study demonstrated just how far there is to go for providers to be in compliance. More than […]
I am very excited to announce that my HIPAA training programs and short courses have received a complete update and new design.
Privacy by design — or “Data Protection by Design” as it is referred to in the General Data Protection Regulation (GDPR) — is essential to meaningful privacy protection. Yet, it is often quite thin and incomplete. As I wrote a few years ago about privacy by design, “The ‘privacy’ the designers have in mind might be […]
We recently developed a new overview page that discusses my approach to HIPAA training. The page discusses several dimensions about our training, including: different comprehensive annual HIPAA privacy and security modules depending upon whether an entity is a covered entity or business associate courses to cover the material at different lengths short modules (most 5 […]
Co-Authored by Prof. Woodrow Hartzog On Wednesday, the U.S. Court of Appeals for the 11th Circuit issued its long-awaited decision in LabMD’s challenge to an FTC enforcement action: LabMD, Inc. v. Federal Trade Commission (11th Cir. June 6, 2018). While there is some concern that the opinion will undermine the FTC’s power to enforce Section 5 […]
Feeling stressed out about GDPR? I can help! Here are all of my GDPR cartoons and attempts at GDPR humor in one post. It’s much better to laugh than to cry . . .
Recently, I created two new FERPA training resources. FERPA Whiteboard I created a 1-page visual summary of FERPA, which I call the FERPA Whiteboard. The idea was to summarize HIPAA in a concise and visually-engaging way. You can download a PDF handout version here. We’ve been licensing it to many organizations for training and awareness purposes. […]
Recently, I created two new GDPR training resources. GDPR Whiteboard I created a 1-page visual summary of the GDPR, which I call the GDPR Whiteboard. The idea was to capture the key points of the General Data Protection Regulation (GDPR) in a succinct and visually-engaging way. It has become quite popular, receiving thousands of downloads. You […]
Recently, I created two new HIPAA training resources. HIPAA Whiteboard I created a 1-page visual summary of HIPAA, which I call the HIPAA Whiteboard. The idea was to summarize HIPAA in a concise and visually-engaging way. You can download a PDF handout version here. We’ve been licensing it to many organizations for training and awareness purposes. […]
This week the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced an agreement to settle HIPAA violations with Filefax, located in Northbrook, Illinois. One aspect was different than their usual settlement process in that Filefax closed the business down during the OCR investigation and was no longer operating when […]