News

HealthData Management Article Discusses Blog Post by Randy Gainer on ONC Security Tool

An article in Health Data Management magazine (“ONC Needs to Improve Risk-Rating Features of New Security Tool,” April 16, 2014) discussed “the risk-rating features of a tool developed by the Office of the National Coordinator for Health IT to help healthcare providers in small to medium sized physician offices conduct security risk assessments (SRA).” Referencing an April 9, 2014, post by Randy Gainer on BakerHostetler’s blog, Data Privacy Monitor, the article reported that the tool needs improvement. The article quotes Gainer’s assessment that "the tool offers incomplete guidance regarding why the risks associated with each requirement should fall into the 'Low' category as opposed to the 'Medium' or 'High' category. Users are left to guess whether failing to comply with a requirement would have a low, medium, or high likelihood of affecting the confidentiality, integrity, or availability ePHI, and whether the impact of such an effect would be 'Low,' 'Medium,' or 'High.'"

Read the article.

Blog

In The Blogs

Previous Next
Data Counsel
Ann O'Brien, Jeewon Serrato, Alyse Stach Author Article Examining Privacy and Antitrust Issues
By Ann M. O'Brien, Jeewon K. Serrato, Alyse F. Stach
June 29, 2020
Partners Ann O’Brien and Jeewon Serrato and Associate Alyse Stach authored an article published by the International Association of Privacy Professionals (IAPP) on June 23, 2020. The article, “The Thin Line Between Privacy and Antitrust,”...
Read More ->
Data Counsel
CPRA Moves Forward Despite COVID-19 Woes
By Taylor A. Bloom, Kyle R. Fath
June 24, 2020
On Friday, June 19, the Superior Court of California issued a ruling that paved the way for Californians to see the California Privacy Rights Act (CPRA) on the ballot in November. In its ruling, the court recognized that Alastair...
Read More ->
Data Counsel
The Destruction of Privilege and Work Product Protection for Data Breach Investigations?
By Joseph L. Bruemmer, David A. Carney, Casie D. Collignon, Joseph P. Collins, Craig A. Hoffman, Thomas E. Hogan, Theodore J. Kobus III, Aleksandra Vold
June 17, 2020
Attorneys play an important role in the incident response process. A skilled and experienced attorney can help organizations effectively respond to a security incident in a way that complies with obligations, protects key relationships...
Read More ->
Data Counsel
Welcome to Data Counsel
By Theodore J. Kobus III
June 14, 2020
Dear Friends, In January, we announced the creation of the firm’s 6th practice group—Digital Assets and Data Management. Since September 2010, members of our group have been covering privacy and security topics through our Data Privacy...
Read More ->
Data Counsel
CCPA Final Regulations Published in Advance of July 1 Enforcement Date
By Alan L. Friel, Jeewon K. Serrato
June 10, 2020
On June 1, 2020, the Office of the California Attorney General (OAG) submitted the final proposed regulations (final regs) under the California Consumer Privacy Act (CCPA or the Title) to the California Office of Administrative Law (OAL)...
Read More ->