We watch closely for any guidance to HIPAA covered entities and business associates from the Department of Health and Human Services Office for Civil Rights (HHS/OCR). Why? Because there is so little of it. Lately, the only guidance we have been receiving is in the form of Resolution Agreements and Corrective Action Plans, and hefty … Continue Reading