The OCR's New Penalty Structure
The Office of Civil Rights (OCR) has revised and issued a new penalty structure for HIPAA violations. The bottom line of this new structure is that the OCR is taking a covered entities’ security posture into account in deciding when and how much to levy in fines for HIPAA violations. Vendor security risk management programs play a key role in demonstrating an organization’s proactive measures to reduce data security risk.
Read More