Alan Davis, PMP, GSLC

Alan Davis, PMP, GSLC

Principal at Proteus Consulting LLC

Hayden, Idaho

Total Contributions 157
Nov 15, 2017We Don't Own Amazon Stock...
Nov 7, 2017Information re: How Health Plans Certify Compliance
Oct 25, 2017If True, A New (or Different) Trend...
Jul 14, 2016Here's Another Reason to Not Share Your Password
Jul 5, 2016Will This Affect Future HIPAA Breaches?
Jun 30, 2016Bonus: A Great (and Updated) Article & Infographic of OCR's 36 Enforcement Actions
Jun 28, 2016It Started as a Disaster, But Concluded with Important Points
Jun 23, 2016I'm Not Going to Lie... I Posted This Based on the Title Alone
Jun 22, 2016While We Don't Know the Cause...
Jun 20, 2016LOTS of Business Associate Posts Making Headlines
Jun 17, 2016The Realities of Provider Practice vs. Secure Practices
Jun 13, 2016Hard to Tell Intentions: Any Truth to the Author's Speculation
Jun 9, 2016Anthem: Anyone Remember These Guys?
Jun 3, 2016Another Breach Notification Announcement that Leaves the Same Question...
May 18, 2016The Supreme Court and Privacy Damage Case Law
May 17, 2016A Reminder for the Public Sector
May 11, 2016A Phlebotomist Walks Into a Bar...
May 6, 2016Great Advice for CE Employers
May 3, 2016The Title Made Me Click
Apr 29, 2016Self Insured Employers and HIPAA
Apr 25, 2016Something Old... Something New (or Overlooked?)...
Apr 12, 2016Before We Conclude That This Post Doesn't Apply to HIPAA...
Apr 5, 2016That Was Pretty Fast... Three New Class Action Lawsuits
Mar 25, 2016California Provides Four Years' of Data Breach Information
Mar 16, 2016OUCH! When OCR Finishes, In Come the Lawyers and Risk Remediation
Mar 15, 2016You'd Be Surprised How Many Times We See This
Mar 14, 2016Some Great Points for Sharing PHI
Mar 9, 2016Laptops, Oh You Mean THOSE Laptops...
Mar 7, 2016Do You Ask Your Cloud Vendors and Other Business Associates About Security?
Mar 4, 2016Breach Notification Criteria
Mar 1, 2016Unsecured ePHI in Transit: The OCR Has Warned Us All
Feb 29, 2016The Tale of An Unencrypted Laptop, an Automobile, and a Thief...
Feb 24, 2016HIPAA and Social Media
Feb 19, 2016What About §164.314 and §164.316...
Feb 16, 2016How Can We Perform a Risk Analysis Without Knowing the Assets?
Feb 9, 2016FERPA and HIPAA
Feb 2, 2016Not a Unique Case of Unauthorized Disclosure
Jan 25, 2016New(?) HHS Website Content
Jan 25, 2016A Clapper Law Setback or Just an Anomoly? Massachusetts Judge Opens Litigation Door...
Jan 25, 2016For Less than $20, This Could Have Been Avoided
Dec 9, 2015I've Personally Seen This No-win Situation...
Dec 9, 2015Interesting Infographic Supporting Breaches and Unauthorized Disclosure
Nov 25, 2015Updated Breach Statistic(s) Slides
Nov 10, 2015A Reminder that SRAs are Very Important, and that HHS Isn't the Only Agency Caring About CE and BA Behavior
Nov 10, 2015Another Unencrypted Laptop, Another Car, Can You Guess the Result?
Nov 10, 2015Security Vulnerabilities and Civil Litigation: Has This Happened With an ePHI Spillage?
Nov 10, 2015Update to the OCR Q&A Portal
Nov 10, 2015FCi Federal: Coming to a CE or BA Near You
Nov 10, 2015OIG Making Waves Again: How Much Will Healthcare Actually See Here?
Nov 10, 2015Connecticut OIG Showing Us that OCR Isn't the Only Accountability Office
Oct 17, 2015A Real Paradox for Small Providers?
Oct 17, 2015This (if true) is Arguably a Good Trend
Oct 17, 2015Something to Consider When Developing Security Policies and Procedures - Information Liability
Oct 17, 2015Patient Access to Their ePHI: A HHS Talking Point
Oct 17, 2015The Report Titles Sound Humorous, But Literally They Aren't Funny
Oct 17, 2015OCR Opens a HIPAA-questions Portal
Oct 14, 2015Super Reminder for Texting and HIPAA
Oct 14, 2015The Bad News: A Laptop Was Stolen. The Good News: It was Encrypted
Oct 13, 2015Amazing How This Isn't HIPAA Specific, but Is What Every CE and BA Should Do - NOW
Sep 23, 2015Healthcare Breach Litigation Factors
Sep 23, 2015Today a Quick List of Ideas to Keep Our Mobile Devices Secure(r)
Sep 23, 2015Back to the Grindstone: HIPAA Reminds Us Emergencies Don't Change Things (with some exception)
Sep 23, 2015This May Belong in a Leadership Forum More than the HSG - But It's Relevant (To Many of Us)
Sep 23, 2015We're Tipping the Scales
Sep 23, 2015OCR and FTC Safeguarding Health Information Conference
Sep 23, 2015"...We're Not in Kansas Anymore"
Sep 23, 2015A Good Example of Not Completely Relying on Technical Safeguards
Sep 23, 2015Akron Children’s Hospital: A Different Kind of Spillage
Aug 23, 2015High Profile Patients: No One Looks, Right?
Aug 23, 2015Human Error in Colorado Breach
Aug 23, 2015An Outstanding Clapper Primer: Relevant to HIPAA Breach Notification
Aug 23, 2015It's Been Awhile Since We Talked About Business Associates
Aug 22, 2015It's Not a Surprise to Hear that Employees are Confident - But the Proof is in the Pudding
Aug 22, 2015A Nice Presentation of Recent OCR Actions
Nov 14, 2017If Experian has a health company or department supporting billing functions, I wonder how many...
Nov 13, 2017David, nice post. I don't agree with the author re: that communications mismanagement is worse...
Nov 12, 2017HIPAA aside, how can someone set up any kind of managed care facility and not...
Oct 24, 2017Thanks Allison Dolan; long day yesterday and I didnt think of that perspe...
Oct 23, 2017Only organizations can be HIPAA compliant. Hopefully no one these days will fall for a...
Oct 15, 2017Do you think HIPAA will transition to receive more oversight or leverage from the insurance...
Oct 4, 2017Allison Dolan and
Jul 17, 2016From the "just in our inbox" OCR press release of the same information, we note...
Jul 17, 2016Thanks for sharing Owen D...
Jul 17, 2016Thank you Owen and best wishes to your clients that their audit stays "at desk's...
Jul 17, 2016A good team will do as they can research / are trained and ask for...
Jul 14, 2016Nice series Walter Paley
Jul 6, 2016Ryan, do you have any webinar details (e.g. content)? HIPAA is a broad stroked brush...
Jul 4, 2016At least ONC looks like it has the lead; I was afraid OCR was going...
Jun 28, 2016Good list and great comment from Allison. From our experience in the field, I will...
Jun 27, 2016YES! Please do create a data breach response policy, and procedures to capture the protocols...
Jun 23, 2016Thanks for the correction Chris and sorry for the oversight. I also agree that most...
Jun 22, 2016Agree and posted some complimentary ideas this morning....
Jun 22, 2016Funny how many HIPAA graphics are available on Pinterest. I normally associate that website with...
Jun 20, 2016Ugh, another "HIPAA compliant system" post. Again, only organizations can be compliant; systems can either...
Jun 20, 2016Kamal Govindaswamy CISSP C...
Jun 19, 2016Thanks for the post, Owen...
Jun 19, 2016This kind of conversation is why we post on LI and I thank you Steve...
Jun 13, 2016Thank you Owen !...
Jun 13, 2016Thanks for sharing Allison...
Jun 5, 2016Brenda Manning JD CHC CHPC, thank you fo...
Jun 2, 2016Agree. We should be providing value to our subscriber-base and then letting them reach out...
Jun 1, 2016Silly NFL, Trix are for kids (and HIPAA applies to you too if you include...
May 25, 2016Good related point, Owen. We create PnP but offer service to help implement the documents....
May 24, 2016Nothing has changed from OCR's normal "10 day response" and yes, the new protocol is...
May 23, 2016Yup, that list of five is a GREAT place to start and echos our HSG...
May 23, 2016A $363 (we think low) estimate per patient record and OCR fines averaging $900K+ for...
May 23, 2016Agree Allison and frankly we don't see any company completing the "total cost analysis" (e.g....
May 16, 2016I visited the company's webpage and am a little alarmed at seeing the words "Risk...
May 16, 2016Agree, Owen. My concern is that some of our audience may not understand the difference...
May 12, 2016Hey, hey, my, my, let's hope that the future holds the ability to keep our...
May 10, 2016Exciting to live in a "transformational" time where information sharing power is growing as we...
May 2, 2016Owen D. Kurtin, you're reading my mind (and between the lines) :)...
Apr 30, 2016...and I get asked about your latter point from HR managers regularly, Allison Dolan. I...
Apr 29, 2016Texting has come up before in this group Jon Taylor and you've written an excellent...
Apr 26, 2016I see the "per record" has increased from $317 to $363 now(?). My two cents......
Apr 2, 2016Chris and Carlos, I have a formatted copy of the legacy OCR protocol and have...
Mar 24, 2016Interesting explanation, Owen D. Kurtin and understood. What still piques my curiosity is even with...
Mar 22, 2016Given that this is a single person, we won't be reading about it on the...
Mar 21, 2016Good point Allison Dolan and I'm sure the process takes time, but I also wonder...
Mar 12, 2016Another "HIPAA Isn't Good Enough" article - fair enough. I think the more intelligent approach...
Mar 11, 2016A nursing home's leadership sets the tone whether this behavior is or is not acceptable....
Mar 10, 2016Greg Hoffman, it is my perspective that only organizations and NOT systems can be HIPAA...
Feb 25, 2016This thread is a great example that shows how the healthcare industry knows the rules...
Feb 22, 2016Carlos Leyva (same tune, new verse) ...How many records must scatter the streets, before we...
Feb 17, 2016Great point, Owen. A data map is a wonderful place to start but does not...
Feb 16, 2016Allison Dolan, I've seen companies leave their encrypted laptops with the ability to "sleep". An...
Feb 2, 2016That's some great research, Allison! Thank you for making a clearer picture of why URMC...
Jan 28, 2016Dental? It's our repeated experience that this community is woefully unaware of HIPAA Security Rule...
Jan 25, 2016Enforcement too lax? Absolutely. Having said that, I do believe they are busy trying to...
Jan 25, 2016Allison, I constantly see USB drives used for the backup of small medical databases and...
Jan 25, 2016Rebekah, I personally don't advocate ePHI transmitted over SMS but recognize that some patients will...
Jan 25, 2016Heather, thank you for sharing what I'm sure is an informative article. Your link, however,...
Dec 17, 2015Also worth mentioning is that a key to keeping the OCR desk audits from advancing...
Dec 14, 2015Wow, a good article Stephen with a less-discussed HIPAA subject. While the conclusion I read...
Nov 25, 2015Carlos, it is my observation that hackers (in the minority of incidents, majority of records)...
Nov 14, 2015Greg, my experience is that dentists care less about the HIPAA Security Rule than other...
Nov 12, 2015Thank you Theresa. Yes, DoHHS is the OIG office we are used to seeing. I...
Nov 10, 2015Interesting opine, Carlos. Unlike a lawyer, one should expect those making the guidance to expand...
Nov 10, 2015I venture this statistic will grow as more CE and BA develop the means to...
Nov 10, 2015Greg, the most literal response I can provide is "people". Spend money training employees to...
Nov 10, 2015We both applaud work that advances the safeguarding of our ePHI. Agree that the boom...
Oct 17, 2015Kevin, if the information is not too sensitive, what is the biggest lesson you would...
Oct 17, 2015At the risk of sounding too utilitarian and straying off HIPAA, what is (figuratively) your...
Oct 17, 2015Thank you for the feedback. I personally see the risk vs. reward falling to the...
Sep 23, 2015Good article, Grant. I'm still amazed how far behind the curve our medical industry is,...
Sep 23, 2015And the Security Rule is about half administrative. Time to work within the flexibility of...
Sep 23, 2015Glad this post provided a break from the usual and a little discussion about serving...
Sep 23, 2015Micah, I can count on that small practice logic like I can count on the...
Sep 23, 2015p.s. I hope no one was holding their breath until the (2015?) next round of...
Sep 23, 201515 breaches affecting more than 500 individuals in August, 26 in July, according to the...
Sep 23, 2015Then I will root for the Seahawks AND the Swans this season. We could all...
Sep 23, 2015Thank you Allison. Do these notes become part of the patient's medical record or is...
Sep 23, 2015In addition to controlling access, CE and BA also need to document their audit methodology...
Sep 23, 2015Ah, within two weeks... HIPAA Journal is reporting that UCLA Health confirmed an unencypted laptop...
Aug 23, 2015Allison, I assume (someone correct me here if I'm mistaken, please) that either OCR would...
Aug 23, 2015Carlos, we'll see if and how our OCR friends are going to going to generate...
Aug 22, 2015Succinct and frank, Carlos. Outstanding....
No Posts found.
No Books found.
No Events found.