News & Upcoming Events
July 2014
Quick Links...
Follow us on Twitter      View our profile on LinkedIn        

Last week Linda Sanches of OCR told the HIMSS Privacy & Security Forum that the phase two audits are not going to start for a little while longer. Catch up on what she had to say, as well as news and upcoming events from CynergisTek in this month's e-newsletter. 
We're Moving!


On Monday, September 22nd, CynergisTek's headquarter office is moving to a larger office space in Austin, Texas to meet the needs of a growing team. Over the past few years, CynergisTek has experienced a consistent increase in sales and made many strategic additions to the team. 

CHIME Launches Association for HIT Security Professionals

CHIME recently launched its newest association, AEHIS. It is the first professional association dedicated to the security professional. CynergisTek CEO Mac McMillan was invited to be a keynote speaker at three events this fall and the company was invited to be a Foundation Firm.



CHS Breach: What You Need to Know & Do Today


Last month CHS made news with a breach of 4.5 million records. As an industry, we need to take several steps to prevent a similar event occurring elsewhere. David Holtzman and Mac McMillan provide some guidance on what to do to be more proactive.


OCR Audits Delayed

Linda Sanches says that the phase two random audit program will be further delayed and that they are reducing the size of the audits. She does recommend to be ready though and says, "We'll be looking for periodic risk analysis and evidence of compliance, as well as documentation of policies and procedures being in place."



CynergisTek Ranked in Inc. 5000 Fastest Growing Private Companies List


Inc. Magazine unveiled its 33rd annual list of America's fastest-growing private companies and CynergisTek ranked number 2252 with 174% sales growth over three years. The list represents the most comprehensive look at the most important segment of the economy-America's independent entrepreneurs. 



Upcoming HIPAA Compliance Workshops
Join local privacy, security and IT peers for a free HIPAA compliance workshop in your city. All sessions are led by either industry expert Mac McMillan or David Holtzman. They will review top security and privacy challenges, including an outlook of recent incidents and enforcement, review all of the different compliance audits and look at some of the top security threats. McMillan and Holtzman share insight from their firsthand experience and provide guidance for attendees to incorporate into their privacy and security programs.
Register today before seats fill up. If you don't see your city email us to schedule a workshop in your area.


Compliance Q&A


In every newsletter we answer some of the toughest compliance questions we receive from our newsletter readers, clients and at association events. This month David Holtzman addresses, "What should we do about our vendors that say they are not considered a BA and won't sign a revised BA agreement before the September 23rd deadline?"


"When there is disagreement try using the WEDI BA Decision Tree to help perform a careful assessment to determine if the vendor is a business associate. In fact see if you can review it with them. Often disagreement is the result of misunderstanding the requirement. Reaching consensus is critical to the rest of your negotiations with them. If you find that the vendor is a BA and they still will not sign a BA agreement, then you may not have a choice but to cease activities that involve the use or disclosure of PHI with that vendor. Don't forget the Security Rule also expects you request return or secure destruction of any PHI held or maintained by the vendor. You should also consult Legal to determine any rights and responsibilities under any master contract agreement with the vendor. Remember knowingly sharing ePHI with a third party without a BA puts you at risk."


Have a compliance question that you would like answered by the experts? Email us your question.