{"version":"1.0","provider_name":"OTAVA","provider_url":"https:\/\/www.otava.com","title":"The HIPAA Omnibus Rule","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"TmaLHZ1hTk\"><a href=\"https:\/\/www.otava.com\/blog\/the-hipaa-omnibus-rule\/\">The HIPAA Omnibus Rule<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/www.otava.com\/blog\/the-hipaa-omnibus-rule\/embed\/#?secret=TmaLHZ1hTk\" width=\"600\" height=\"338\" title=\"&#8220;The HIPAA Omnibus Rule&#8221; &#8212; OTAVA\" data-secret=\"TmaLHZ1hTk\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n\/\/# sourceURL=https:\/\/www.otava.com\/wp-includes\/js\/wp-embed.min.js\n\/* ]]> *\/\n<\/script>\n","description":"The HIPAA omnibus rule, which extends the reach of liability to include business associates and subcontractors, should be out by the end of summer, according to Farzad Mostashari, the national coordinator for health information technology. Submitted in March, the Office of Management and Budget will have up to 90 days to review the rule. HealthDataManagement.com reports Mostashari made the announcement during the opening keynote of the Health Privacy Summit in Washington, D.C. When it comes to specific technology and HIPAA hosting requirements, the rule requires: Information system activity review &#8211; organizations must implement procedures to regularly review records of system activity, such as audit logs, access reports and security incident tracking reports. Log monitoring is a service that can address this requirement. Security reminders &#8211; take note of periodic security updates and implement them. Protection from malicious software &#8211; implement procedures for guarding against, detecting and reporting malicious software. Login monitoring &#8211; establish procedures for monitoring login attempts and reporting discrepancies. Multi-factor authentication, or two-factor authentication, is a low-cost and easy way to implement an additional security measure and method of verifying authorized access. Password management &#8211; document procedures for creating, changing and safeguarding passwords. To ensure any lost or..."}