HIPAA Security and Audits with Mac McMillan

In case you missed the recent HIPAA Privacy and Security hangout I did with Mac McMillan, CEO of Cynergistek, you’re missing out. I think this HIPAA interview is an extension of what we started in our post “6 Reality Checks of HIPAA Compliance.” There’s a real awakening that’s needed when it comes to HIPAA. I love in this hangout when Mac says that the patience in Washington for those that aren’t HIPAA compliant is running low. An example of that is another topic we discuss: HIPAA audits. The first round of HIPAA audits was more of a barometer of what was happening. The next round will likely be much more damaging.

Watch the entire HIPAA interview with Mac McMillan to learn even more:

About the author

John Lynn

John Lynn is the Founder of HealthcareScene.com, a network of leading Healthcare IT resources. The flagship blog, Healthcare IT Today, contains over 13,000 articles with over half of the articles written by John. These EMR and Healthcare IT related articles have been viewed over 20 million times.

John manages Healthcare IT Central, the leading career Health IT job board. He also organizes the first of its kind conference and community focused on healthcare marketing, Healthcare and IT Marketing Conference, and a healthcare IT conference, EXPO.health, focused on practical healthcare IT innovation. John is an advisor to multiple healthcare IT companies. John is highly involved in social media, and in addition to his blogs can be found on Twitter: @techguy.


  • It is almost a “snubbing of the nose” by docs to the HHS when it comes to risk assessments.
    The parallel subject to me is taxes.
    They stink.
    They are complicated.
    The IRS doesn’t care.
    You can act dumb, or just not know (I shut down a business 2 years ago and discovered that since I didn’t check a box on my tax return, the IRS thought I was skipping out…and filed for me with “guesstimates” of the revenue – now I’m wasting days dealing with this BS).
    The IRS doesn’t care.
    Soon the HHS won’t care, and one of the first things they’ll ask for is proof of a security risk assessment.

  • Due to increased risks in EHR, the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH) include national standards for the privacy of protected health information, the security of electronic protected health information, and breach notification to consumers.
