A Q&A with Michael Whitcomb of Loricca
The Department of Health and Human Services’ Office for Civil Rights will resume its HIPAA compliance audit program this fall, focusing on both covered entities and business associates with a limited number of narrowly focused “desk audits” as well as comprehensive onsite audits. I asked Michael Whitcomb, founder and president of the IT security and compliance firm Loricca, Inc., what healthcare organizations need to do in anticipation of this increased scrutiny.

A Q&A with Lynn Sessions of Baker Hostetler
In enforcing the HIPAA/HITECH regulations, the Department of Health and Human Services’ Office of Civil Rights (OCR) has been coming down on healthcare organizations with recent fines of US $1.7 million, and yet the OCR and its investigations remains an area of mystery for many organizations. I asked Lynn Sessions, counsel at Baker Hostetler in Houston, TX, for some perspective on OCR’s process for ensuring data security and privacy compliance in healthcare.