The Schellman Blog

If you’ve ever owned a home in a neighborhood that has a homeowners association, you likely know that you have to pay those fees to avoid a lien being placed on your property, which could complicate your life in annoying ways. But on the flip side, paying those fees should mean you also reap the benefits like landscaping, community pool management, security, or maintenance.

Ever seen an Olympic runner trip during their race? They’re on the biggest stage, having done all that work, and then somehow, something goes wrong and their shining moment ends in heartbreak for whatever reason—an errant pebble on the track, accidental tangling with another competitor, too much or too little momentum.

If you’re a healthcare organization, you likely understand that third-party risk management (TPRM) remains a significant challenge.

Do you or someone you love have a taste for luxury? If so, you may have shelled out for a bag from a high-end designer—Gucci, Kate Spade, Coach, Louis Vuitton, and the like. But of course, these can go for thousands of dollars, so in many cases, it makes more sense to instead indulge in a cheaper knock-off. It looks basically like the real deal, so there’s no problem, right?

We all likely remember how COVID-19 overwhelmed healthcare systems and workers across the globe. It was a crazy time of momentous struggle as the world tried to adjust to dealing with a new deadly virus—and we’re still not completely out of it.

Ever heard the story about the boy who put his finger in a dike to plug a leak? He did it because he knew a small leak could turn into a major breach—the sea would come crashing through to destroy his town. So, he sat there all night until help came, to ensure everything would remain safe.

“Clouds come floating into my life, no longer to carry rain or usher storm, but to add color to my sunset sky,” said Bengali polymath Rabindranath Tagore. It’s a nice, optimistic sentiment, but if you’re a healthcare provider using the cloud, you’re likely thinking that, in your position, clouds are still plenty capable of ushering storms where your HIPAA compliance is concerned. The Health Insurance Portability and Accountability Act (HIPAA) provides clear rules about the storage and sharing of protected health information (PHI). All organizations that handle PHI are required to comply with HIPAA standards, but that can become a little trickier if you engage a cloud service provider (CSP). As long-time, highly experienced HIPAA assessors, we provide valuable insight and services that help organizations avoid any HIPAA missteps. In this article, we’re going to outline eight things you can do to ensure you stay compliant when engaging a cloud service provider (CSP) so that your cloud doesn’t “usher in any storms.”

Someone once said that "a marathon is hundreds of miles. The finish is the last 26.2." Maybe that “someone” worked at the Office of Civil Rights (OCR) because they are coming to the “finish” at the end of their latest marathon, though it’ll still take some work and time to get over the line.