What Keeps You Up at Night?

HIPAA is challenging, and the downside risks can be a little scary. HiPAA HUB knows how to identify, address, and monitor your exposure so your team can focus on your core business. HiPAA HUB provides smart & timely solutions to make your organization compliant with HIPAA. 


HiPAA HUB serves all of your health information privacy and security needs.


  • All Healthcare: Hospitals, Providers, Payers & Business Associates.


  • All Sizes: Large, Medium & Smaller businesses.


  • All Service Levels: HiPAA HUB On CallTM access and Privacy & Security services.
Learn more about HiPAA HUB, LLC.
Turn your HiPAA program into a competitive advantage.

Latest Top (4) News

Pain Management Task Force calls for patient-centered approach to improve treatment of pain

The Pain Management Best Practices Inter-Agency Task Force (Task Force), in a draft report issued today, calls for individualized, patient-centered pain management to improve the lives of millions of individuals who experience acute and chronic pain.

Members of the public will have 90 days to provide comments on the draft report’s proposed recommendations.

The Task Force, a federal advisory committee, was established by the Comprehensive Addiction and Recovery Act of 2016 to propose updates to best practices and issue recommendations that address gaps or inconsistencies for managing chronic and acute pain. The Task Force is composed of 29 members, including healthcare providers and patients, as well as federal employees. It is overseen by the U.S. Department of Health and Human Services, in cooperation with the U.S. Department of Veterans Affairs and the U.S. Department of Defense.

The draft report contains proposed recommendations in a number of areas, including:

  • clinical best practices/guidelines;
  • approaches to acute and chronic pain management;
  • pain treatments, including medications, restorative therapies, interventional procedures, behavioral health approaches, and complementary and integrative approaches;
  • access to pain care, stigma (of patients and providers), education, training, risk assessment and evaluation;
  • special populations, including older adults, women, ethnic and racial minorities, military members and veterans;
  • special conditions, such as pregnancy, chronic relapsing pain and sickle cell disease; and
  • Congressionally mandated review of the Centers for Disease Control and Prevention (CDC) Guideline for Prescribing Opioids for Chronic Pain.

“Chronic pain affects an estimated 50 million U.S. adults or 20 percent of the adult population. An estimated 19.6 million U.S. adults have experienced high-impact chronic pain, which the CDC defines as pain occurring and interfering with life or work activities most days. This draft report offers a wide range of treatment modalities with a framework to allow for multidisciplinary, individualized patient-centered care,” said Vanila M. Singh, M.D., MACM, Task Force chair, and chief medical officer of the HHS Office of the Assistant Secretary for Health. “We encourage members of the public to review the draft report and share their comments with us.”

The Task Force members have significant public- and private-sector experience across the disciplines of pain management, patient advocacy, substance use disorders, mental health and minority health.

For more information on the Task Force, visit its webpage.

Friday, December 28, 2018 - 10:15

HHS, in Partnership with Industry, Releases Voluntary Cybersecurity Practices for the Health Industry

On Friday, December 28, the Department of Health and Human Services (HHS) released the “Health Industry Cybersecurity Practices (HICP): Managing Threats and Protecting Patients” publication. The four volume publication, aims to provide voluntary cybersecurity practices to healthcare organizations of all types and sizes, ranging from local clinics to large hospital systems.

The industry-led effort was in response to a mandate set forth by the Cybersecurity Act of 2015 Section 405(d), to develop practical cybersecurity guidelines to cost-effectively reduce cybersecurity risks for the healthcare industry. The publication marks the culmination of a two-year effort that brought together over 150 cybersecurity and healthcare experts from industry and the government under the Healthcare and Public Health (HPH) Sector Critical Infrastructure Security and Resilience Public-Private Partnership. It was the result of a true public-private partnership to better secure the nation’s health systems.

“Cybersecurity is everyone’s responsibility.  It is the responsibility of every organization working in healthcare and public health.  In all of our efforts, we must recognize and leverage the value of partnerships among government and industry stakeholders to tackle the shared problems collaboratively,” said Janet Vogel, HHS Acting Chief Information Security Officer.

Technologies are vital to the healthcare industry and help provide life-saving treatments and improve patient care. However, these same technologies are vulnerable to myriad attacks from adversaries, ranging from criminals and hacktivists to nation-states. These technologies can be exploited to gain access to personal patient data or render entire hospital systems inoperable. Recent cyber-attacks against the nation’s healthcare industry continue to highlight the importance of ensuring these technologies are safe and secure.

“The healthcare industry is truly a varied digital ecosystem. We heard loud and clear through this process that providers need actionable and practical advice, tailored to their needs, to manage modern cyber threats. That is exactly what this resource delivers; recommendations stratified by the size of the organization, written for both the clinician as well as the IT subject matter expert.” said Erik Decker, industry co-lead and Chief Information Security and Privacy Officer for the University of Chicago Medicine. 

The HICP publication aims to provide cybersecurity practices for this vast, diverse, and open sector to ultimately improve the security and safety of patients. The main document of the publication explores the five most relevant and current threats to the industry. It also recommends 10 Cybersecurity Practices to help mitigate these threats. The main document presents real-life events and statistics that demonstrate the financial and patient care impacts of cyber incidents.  It also lays out a call to action for all industry stakeholders, from C-suite executives and healthcare practitioners to IT security professionals, that protective and preventive measures must be taken now. The publication also includes two technical volumes geared for IT and IT security professionals. Technical Volume 1 focuses on cybersecurity practices for small healthcare organizations, while Technical Volume 2 focuses on practices for medium and large healthcare organizations. The last volume provides resources and templates that organizations can leverage to assess their own cybersecurity posture as well develop policies and procedures.

This publication demonstrates the Department’s continued commitment to enhancing the security and resilience of the HPH Sector. Cybersecurity remains a top priority for HHS. HHS recognizes the importance of partnering with private industry, especially the healthcare critical infrastructure partners represented by the Health Sector Coordinating Council, to meet this milestone achievement. In the coming months, the Department will work with industry stakeholders to raise awareness and implement the recommended cybersecurity practices across the sector. For more information on this effort and to download a copy of the publication, please visit the 405(d) website at www.phe.gov/405d.

Friday, December 28, 2018 - 12:30

Statement from the Department of Health and Human Services on Texas v. Azar

“The recent U.S. District Court decision regarding the Affordable Care Act is not an injunction that halts the enforcement of the law and not a final judgment. Therefore, HHS will continue administering and enforcing all aspects of the ACA as it had before the court issued its decision. This decision does not require that HHS make any changes to any of the ACA programs it administers or its enforcement of any portion of the ACA at this time. As always, the Trump Administration stands ready to work with Congress on policy solutions that will deliver more insurance choices, better healthcare, and lower costs while continuing to protect individuals with pre-existing conditions.”


Monday, December 17, 2018 - 12:30

Readout of Initial Deputy Secretary’s Innovation and Investment Summit Meeting

On December 18, Deputy Secretary Eric Hargan and members of his team at the Department of Health and Human Services (HHS) convened with members of the healthcare industry for the initial Deputy Secretary’s Innovation and Investment Summit (DSIIS) meeting. Leadership from HHS and representatives from various divisions provided Summit participants with educational content on how the department works together with the private sector and the types of innovative activities currently being pursued in the healthcare industry and at HHS.

The participants in attendance were able to share their perspectives based on experiences in the marketplace, and identify where their own ideas for innovation align with those of HHS. This first-ever collaboration between HHS and the innovation and investment communities provided valuable insight for all parties. DSIIS looks forward to a productive 2019 in which it will focus discussion on the transition to value-based care, regulatory best practices for approval and reimbursement, enabling consumer empowerment, and liberating data to drive value.

A more detailed readout of the inaugural meeting will be provided in January 2019 with more information on future meetings.

Thursday, December 20, 2018 - 15:15