Susan A. Miller has over 40 years teaching, biochemistry research, legal and healthcare experience.
She a national HIPAA, HITECH Act, health care expert and strategist focused on covered entities, business associates, technology companies, federal agencies including OCR, NIST and CMS, ACOs, Regional Extension Centers (RECs), Medicaid Agencies, states, and national and state trade associations.
In the past 15 years she has developed the content for the NIST HIPAA Security risk analysis and audit tool used across the industry, as well as HIPAA privacy and security tools for risk analysis/assessment, audit, breach notification and HIPAA policies and procedures, plus contingency plans, disaster recovery plans, training plans and training materials used by both covered entities and business associates. She is a co-author of a quarterly HIMSS HIPAA Privacy and Security column for the JHIM publication. She founded the Healthcare Information Report in 2006, which is published weekly to her clients.
She had a national security and privacy leadership position for 13 years, from when she helped to found the WEDI SNIP Security and Privacy Workgroup in 2000. She teaches and speaks nationally and regionally numerous times a year at WEDI meetings, AHLA meetings and the HIPAA Summits and many others.
Remember spaghetti code? The HIPAA breach area is now almost as convoluted and overlapping and confusing as spaghetti code. Sometimes you think you are both coming and going at the same time when you think through an event to determine if your organization has had a breach.