News & Upcoming EventsMay 2014
Quick Links...
Follow us on Twitter      View our profile on LinkedIn        

Catch up on the latest news from CynergisTek about HIPAA audits, heartbleed and other common security threats around the industry. We also have several upcoming HIPAA compliance workshops and we hope to see you at one. 
How To Prep For OCR HIPPA Audits


Now that OCR has announced it will resume the random audit program in FY15 many covered entities and business associates need to be prepared. Mac McMillan recently provided Becker's CIO with a few tips. 


Click here to read the article.

CISOs Biggest Fear


"The things that scare me are the things I don't know. There's a constant threat out there, from all different angles - whether it's viruses or it's hackers or it's information theft, internally and externally." 

-Heather Roszkowski, chief information security officer,

 Fletcher Allen Healthcare


Click  here to read the article featured in HealthcareITNews.

Gone Phishing!


Phishing continues to be a popular tactic and has become more sophisticated. Read about how one organization had thousands of dollars stolen from its HR portal


Click  here to read the article featured in

Upcoming Compliance Workshops
Join local privacy, security and IT peers for a free HIPAA compliance workshop. Workshops are led by industry expert Mac McMillan and David Holtzman. The session will review top security and privacy challenges, including impacts of the Omnibus Rule, review all of the different compliance audits and look at some of the top security threats. McMillan and Holtzman share insight from their firsthand experience and provide guidance for attendees to incorporate into their privacy and security programs.
  • May 29th, Indianapolis, IN -Register now
  • Tallahassee
  • San Jose
  • Stamford, CT
  • Beaumont, TX
  • Atlanta 
  • Baltimore
  • Sioux Falls, SD
  • Chicago
Heartbleed Bug: What You Should Know


There is an overwhelming amount of news and information on the heartbleed vulnerability. Cut through the clutter and read expert advise and practice tips by CynergisTek's COO, Dr. Michael Mathews.


Click here to read the article featured in Modern Healthcare.

Vendor Management Post Omnibus


Our recent webinar on how covered entities can better manage their vendors is now available to watch online. Industry experts outline what the CEs role is in vendor management and introduce solutions to help manage BAs after the Omnibus.


Click here to watch it.

Compliance Q&A


The Omnibus Rule gives patients the right to request a restriction related to procedures if they pay in advanced with cash. Several have asked if the Covered Entity is responsible for respecting this restriction during subsequent interactions with the patient where the health plan may be involved.  


Mac McMillan says the short answer is yes. The CE is responsible for making sure that the health plan does not see this information until and unless the patient lifts the restriction. However, the longer answer is that this can create issues for the patient down the road. In certain cases treatment paths associated with certain conditions exist and are expected to be followed. For a health plan to pay they sometimes expect to see the natural progression of these paths. Where an earlier procedure was restricted and the condition eventually worsened requiring additional procedures, the health plan may require evidence of those earlier steps before agreeing to pay. If this information is restricted it could create a problem for the patient. They should be properly advised of this possibility and then allowed to make their own decision. 


Have a compliance question you would like answered by the experts? Click here to email us your question.