Data Security at Delta Health Systems
Written By
Dina Robinson
Cyber threats keep getting smarter—so do we.
Our HIPAA-focused, layered defense includes:
- End-to-end encryption (data at rest & in transit)
- Role-based access controls
- 24/7 monitoring with AI-driven threat detection
- Monthly patching and third-party security audits
- Staff security training that’s updated quarterly
We also align to NIST and CIS frameworks for risk reviews, incident response, and continuous improvement.
“Our clients can trust that their PHI is protected not only through compliance checklists but also through a robust, modern cybersecurity posture that evolves with the threat landscape,” said Peter LeBlanc, IT Security Officer at Delta Health Systems.
Topic | What Changed | Why It Matters |
CAA 2021 – Gag Clause FAQs (Part 69) | New FAQs clarify that any contract (even TPA → provider network) cannot block access to cost/quality or de-identified claims data. | Review TPA contracts for downstream restrictions and remove them before the next gag-clause attestation. |
Reporting Gag Clause Non-Compliance | Plans must disclose non-compliant contracts in the GCPCA portal and show steps taken to fix them. | Self-reporting doesn’t waive penalties—fix issues early. |
HHS Rescinds 2022 Gender-Care Guidance | 2022 OCR guidance on gender-affirming care is withdrawn (Feb 20 2025). | Policies and training materials referencing the 2022 notice should be updated. |
Proposed HIPAA Security Rule (Jan 6 2025) | Draft rule calls for mandatory MFA, encryption, network segmentation, 6-month backup testing, and 24-hour breach notice from BAs. | Start gap-analysis now; many items mirror best practices already in place at Delta. |
USPSTF Update | Grade B recommendation for osteoporosis screening—women 65+ and younger post-menopausal women at elevated risk. | Plans must cover with no cost-share within one year of final recommendation. |
Need a deeper dive?
Read more here (Dina’s article).
Stay Informed:
- FAQs Part 69 text
- HHS Rescinds 2022 Gender-Care Guidance
- Proposed HIPAA Security Rule
Questions? Reach out to Delta’s Compliance team at compliance@deltahealthsystems.com.
Dina Robinson
Privacy and Compliance Officer
Dina has more than 25 years’ experience in the healthcare industry working as a provider relations and network analyst, senior compliance analyst, and executive. She has extensive knowledge in claims processing, system implementation, contract configuration, Medi-Cal Managed Care and privacy and compliance. Dina is a subject matter expert in HIPAA Privacy and Security and earned a bachelor’s degree in business management.
