Over the past thirty days, the Office for Civil Rights (OCR) has reached three HIPAA breach resolutions, signaling to organizations that are covered entities and business associates under HIPAA, the importance of instituting basic best practices for data breach prevention and response. Our colleagues in the Workplace Privacy, Data Management & Security practice group discusses the need for healthcare organizations and their business associates to address basic best practices including: terminating employee access in a timely manner, maintaining proper business associate agreements, and having a plan for media relations. You can read it here.