Anatomy IT Blog

A Corrective Action Plan (CAP) is an enforcement action the Office for Civil Rights (OCR) demands a Covered Entity or Business Associate undertake in response to a violation of HIPAA…

All HIPAA documentation should be well-organized and easy to access in case of an OCR audit, or worse, a breach. Keep an organized record of staff training, certifications, Business Associate…

Almost everyone in today’s day and age knows the word “phishing”, yet every day (or hour, or minute) and organization is attacked by threat actors through phishing. A phishing attack…

How does the old saying go “nothing lasts forever!” Truer words were never spoken. In a healthcare environment one of the most important areas to keep track of during your…

In healthcare your organization must comply with the laws that regulate this industry. Everyone in a healthcare organization must adhere to the requirements established by the government. Some of the…

A Facility Security Plan is documentation outlining implementation of practices ensuring an organization is conducting business in compliance with HIPAA regulations and policies. The purpose of this policy is to…

Why is this such a mystery for many healthcare companies? And why do so many shy away from improving the organization’s security posture? HIPAA Compliance is about aligning values associated…

Why is it so important to educate staff, physicians, owners and third parties – Business Associates and their subcontractors – on protecting and securing patients’ medical information, either in paper…