{"id":13104,"date":"2017-04-18T19:52:52","date_gmt":"2017-04-18T19:52:52","guid":{"rendered":"https:\/\/digital-sentinel.com\/?p=13104"},"modified":"2017-04-18T19:53:17","modified_gmt":"2017-04-18T19:53:17","slug":"hipaa-enforcement-issues-straight-regulator","status":"publish","type":"post","link":"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/","title":{"rendered":"HIPAA Enforcement Issues Straight from the Regulator"},"content":{"rendered":"<p class=\"lxb_af-template_tags-get_post_title\">At last week\u2019s Health Care Compliance Association\u2019s annual \u201cCompliance Institute,\u201d \u00a0Iliana Peters, HHS\u00a0Office for Civil Rights\u2019 Senior Advisor for HIPAA Compliance and Enforcement, provided <a href=\"http:\/\/www.hcca-info.org\/Portals\/0\/PDFs\/Resources\/Conference_Handouts\/Compliance_Institute\/2017\/104print2.pdf\" target=\"_blank\">a thorough update<\/a>\u00a0of HIPAA enforcement trends as well as a road map to OCR\u2019s current and future endeavors.<\/p>\n<div class=\"lxb_af-post_content lxb_af-clear\">\n<p><strong>Continuing Enforcement Issues<\/strong><\/p>\n<p>Ms. Peters identified key\u00a0ten enforcement issues that OCR continues to encounter through its enforcement of HIPAA.\u00a0 Do any of them look familiar to you? These issues include:<\/p>\n<ol>\n<li><strong>Impermissible Disclosures<\/strong>. HIPAA\u2019s Privacy Rule prohibits covered entities and business associates from disclosing PHI except as permitted or\u00a0required under HIPAA. Impermissible disclosures identified by Ms. Peters all center on the need for authorization, and include:\n<ul>\n<li>Covered entities permitting news media to film individuals in\u00a0their facilities prior to obtaining a patient\u2019s authorization.<\/li>\n<li>Covered entities publishing PHI on their website or on social media without an individual\u2019s authorization.<\/li>\n<li>Covered entities confirming that an individual is a patient and providing other PHI to reporters without an individual\u2019s authorization.<\/li>\n<li>Covered entities faxing PHI to an individual\u2019s employer without the individual\u2019s authorization.<\/li>\n<\/ul>\n<\/li>\n<li><strong>Lack of Business Associate Agreements<\/strong>. OCR continues to see covered entities failing to enter into business associate agreements.<\/li>\n<li><strong>Incomplete or Inaccurate Risk Analysis<\/strong>. Under HIPAA\u2019s Security Rule, covered entities are required to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic PHI (ePHI). According to Ms. Peters, organizations frequently underestimate the proliferation of ePHI throughout\u00a0their environment, including into systems related to billing, faxing, backups, and medical devices, among others.<\/li>\n<li><strong>Failure to manage identified risks<\/strong>. HIPAA requires regulated entities to put in place\u00a0security measures to reduce risks and vulnerabilities. According to the presentation,\u00a0several OCR\u00a0breach investigations found that the causes of reported breaches were risks that had previously been identified in a risk analysis but were never mitigated.\u00a0In some instances, encryption was included as part of the remediation plan, but was never implemented.<\/li>\n<li><strong>Lack of transmission security<\/strong>. While not required in all cases, HIPAA does require that\u00a0ePHI be encrypted whenever it is deemed appropriate. The presentation identified a number of applications in which encryption should be considered when transmitting ePHI, including email, texting, application sessions, file transmissions (e.g., FTP), remote backups, and remote access and support services (e.g., VPNs).<\/li>\n<li><strong>Lack of Appropriate Auditing<\/strong>. HIPAA requires the implementation of mechanisms (whether hardware, software or procedural)\u00a0that record and examine activity in systems containing ePHI.\u00a0HIPAA-regulated entities are required to review audit records to determine if there should be additional investigation. The presentation highlighted certain activities that could warrant such additional investigation, including: access to PHI during non-business hours or during time off, access to an abnormally high number of records containing PHI, access to PHI of persons for which media interest exists, and access to PHI of employees.<\/li>\n<li><strong>Patching of Software<\/strong>. The use of unpatched or unsupported software on systems which contain ePHI could introduce additional risk into an environment. Ms. Peters also pointed to other systems that should be monitored, including router and firewall firmware, anti-virus and anti-malware software, and multimedia and runtime environments (e.g., Adobe Flash, Java, etc.).<\/li>\n<li><strong>Insider Threats<\/strong>. The presentation identifies insider threats as a continuing enforcement issue. Under HIPAA, organizations must implement policies and procedures to ensure that all members of its workforce have appropriate access to ePHI and to prevent those workforce members who do not have access from obtaining such access. Termination procedures should be put in place to ensure that access to PHI is revoked\u00a0when a workforce member leaves.<\/li>\n<li><strong>Disposal of PHI<\/strong>. HIPAA requires organizations to implement policies and procedures that ensure proper disposal of PHI. These procedures must guarantee that the media has been cleared, purged or destroyed consistent with\u00a0<a href=\"http:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-88r1.pdf\" target=\"_blank\">NIST Special Publication 800-88: Guidelines for Media Sanitization<\/a>.<\/li>\n<li><strong>Insufficient Backup and Contingency Planning<\/strong>. Organizations are required to ensure that adequate contingency planning (including data backup and disaster recovery plans) is in place and would be effective when implemented in the event of an actual disaster or emergency situation. Organizations are required to periodically test their plans and revise as necessary.<\/li>\n<\/ol>\n<p><strong>Upcoming Guidance and FAQs<\/strong><\/p>\n<p>OCR also identified upcoming guidance\u00a0and FAQs that it will\u00a0use to address the following areas:<\/p>\n<ul>\n<li>Privacy and security issues related to the Precision Medicine Initiative\u2019s <em><a href=\"https:\/\/www.nih.gov\/research-training\/allofus-research-program\" target=\"_blank\">All of Us<\/a><\/em> research program<\/li>\n<li>Text messaging<\/li>\n<li>Social media<\/li>\n<li>Use of Certified EHR Technology (CEHRT) &amp; compliance with HIPAA Security Rule (to be release with the Office of the National Coordinator for Health Information Technology (ONC))<\/li>\n<li>The Resolution Agreement and Civil Monetary Penalty\u00a0process<\/li>\n<li>Updates of existing FAQs to account for the Omnibus Rule and other recent developments<\/li>\n<li>The \u201cminimum necessary\u201d requirement<\/li>\n<\/ul>\n<p><strong>Long-term Regulatory Agenda<\/strong><\/p>\n<p>The presentation also identifies two long-term regulatory goals\u00a0to implement certain\u00a0provisions of\u00a0the HITECH Act. One regulation will relate to providing individuals harmed by HIPAA violations with a percentage of any civil monetary penalties or settlements collected by OCR, while the second will implement a\u00a0HITECH Act provision related to the accounting of disclosures of PHI.<\/p>\n<p><strong>Audit Program Status<\/strong><\/p>\n<p>The presentation discussed the current status of OCR\u2019s audit program. As we have <a href=\"https:\/\/www.healthlawpolicymatters.com\/tag\/hipaa-audits\/\" target=\"_blank\">previously discussed<\/a>, OCR is in the process of conducting desk audits of covered entities and business associates. These audits consist of a review of required HIPAA documentation that is submitted to OCR.\u00a0According to Ms. Peters, OCR has conducted desk audits of 166 covered entities and 43 business associates. Ms. Peters also used the presentation to confirm that on-site audits of both covered entities and business associates will be conducted in 2017 after the desk audits are completed. We will continue to follow and report on developments in the audit program.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>At last week\u2019s Health Care Compliance Association\u2019s annual \u201cCompliance Institute,\u201d \u00a0Iliana Peters, HHS\u00a0Office [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":13105,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[30,31,29],"tags":[32,34,33],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v18.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>HIPAA Enforcement Issues Straight from the Regulator - Digital Sentinel<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"HIPAA Enforcement Issues Straight from the Regulator - Digital Sentinel\" \/>\n<meta property=\"og:description\" content=\"At last week\u2019s Health Care Compliance Association\u2019s annual \u201cCompliance Institute,\u201d \u00a0Iliana Peters, HHS\u00a0Office [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/\" \/>\n<meta property=\"og:site_name\" content=\"Digital Sentinel\" \/>\n<meta property=\"article:published_time\" content=\"2017-04-18T19:52:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2017-04-18T19:53:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/digital-sentinel.com\/wp-content\/uploads\/transfer_secure_digital_sentinel.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"426\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Digital-Sentinel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/digital-sentinel.com\/#organization\",\"name\":\"Digital Sentinel\",\"url\":\"https:\/\/digital-sentinel.com\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/digital-sentinel.com\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/digital-sentinel.com\/wp-content\/uploads\/Digital-Sentinel.gif\",\"contentUrl\":\"https:\/\/digital-sentinel.com\/wp-content\/uploads\/Digital-Sentinel.gif\",\"width\":613,\"height\":224,\"caption\":\"Digital Sentinel\"},\"image\":{\"@id\":\"https:\/\/digital-sentinel.com\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/digital-sentinel.com\/#website\",\"url\":\"https:\/\/digital-sentinel.com\/\",\"name\":\"Digital Sentinel\",\"description\":\"Profit Protection Technology\",\"publisher\":{\"@id\":\"https:\/\/digital-sentinel.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/digital-sentinel.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/digital-sentinel.com\/wp-content\/uploads\/transfer_secure_digital_sentinel.jpg\",\"contentUrl\":\"https:\/\/digital-sentinel.com\/wp-content\/uploads\/transfer_secure_digital_sentinel.jpg\",\"width\":640,\"height\":426},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#webpage\",\"url\":\"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/\",\"name\":\"HIPAA Enforcement Issues Straight from the Regulator - Digital Sentinel\",\"isPartOf\":{\"@id\":\"https:\/\/digital-sentinel.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#primaryimage\"},\"datePublished\":\"2017-04-18T19:52:52+00:00\",\"dateModified\":\"2017-04-18T19:53:17+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/digital-sentinel.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"HIPAA Enforcement Issues Straight from the Regulator\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#webpage\"},\"author\":{\"@id\":\"https:\/\/digital-sentinel.com\/#\/schema\/person\/78a25f0a40a470633a45d6c98b60f0b2\"},\"headline\":\"HIPAA Enforcement Issues Straight from the Regulator\",\"datePublished\":\"2017-04-18T19:52:52+00:00\",\"dateModified\":\"2017-04-18T19:53:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#webpage\"},\"wordCount\":956,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/digital-sentinel.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/digital-sentinel.com\/wp-content\/uploads\/transfer_secure_digital_sentinel.jpg\",\"keywords\":[\"adit\",\"regulation\",\"transfer\"],\"articleSection\":[\"Auditing\",\"Regulation\",\"transfer\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/digital-sentinel.com\/#\/schema\/person\/78a25f0a40a470633a45d6c98b60f0b2\",\"name\":\"Digital-Sentinel\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/digital-sentinel.com\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/34ea0504bbaf2d4274b9488fb3281aa1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/34ea0504bbaf2d4274b9488fb3281aa1?s=96&d=mm&r=g\",\"caption\":\"Digital-Sentinel\"},\"url\":\"https:\/\/digital-sentinel.com\/author\/digital-sentinel\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"HIPAA Enforcement Issues Straight from the Regulator - Digital Sentinel","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/","og_locale":"en_US","og_type":"article","og_title":"HIPAA Enforcement Issues Straight from the Regulator - Digital Sentinel","og_description":"At last week\u2019s Health Care Compliance Association\u2019s annual \u201cCompliance Institute,\u201d \u00a0Iliana Peters, HHS\u00a0Office [&hellip;]","og_url":"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/","og_site_name":"Digital Sentinel","article_published_time":"2017-04-18T19:52:52+00:00","article_modified_time":"2017-04-18T19:53:17+00:00","og_image":[{"width":640,"height":426,"url":"https:\/\/digital-sentinel.com\/wp-content\/uploads\/transfer_secure_digital_sentinel.jpg","type":"image\/jpeg"}],"twitter_card":"summary","twitter_misc":{"Written by":"Digital-Sentinel","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/digital-sentinel.com\/#organization","name":"Digital Sentinel","url":"https:\/\/digital-sentinel.com\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/digital-sentinel.com\/#logo","inLanguage":"en-US","url":"https:\/\/digital-sentinel.com\/wp-content\/uploads\/Digital-Sentinel.gif","contentUrl":"https:\/\/digital-sentinel.com\/wp-content\/uploads\/Digital-Sentinel.gif","width":613,"height":224,"caption":"Digital Sentinel"},"image":{"@id":"https:\/\/digital-sentinel.com\/#logo"}},{"@type":"WebSite","@id":"https:\/\/digital-sentinel.com\/#website","url":"https:\/\/digital-sentinel.com\/","name":"Digital Sentinel","description":"Profit Protection Technology","publisher":{"@id":"https:\/\/digital-sentinel.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/digital-sentinel.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#primaryimage","inLanguage":"en-US","url":"https:\/\/digital-sentinel.com\/wp-content\/uploads\/transfer_secure_digital_sentinel.jpg","contentUrl":"https:\/\/digital-sentinel.com\/wp-content\/uploads\/transfer_secure_digital_sentinel.jpg","width":640,"height":426},{"@type":"WebPage","@id":"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#webpage","url":"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/","name":"HIPAA Enforcement Issues Straight from the Regulator - Digital Sentinel","isPartOf":{"@id":"https:\/\/digital-sentinel.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#primaryimage"},"datePublished":"2017-04-18T19:52:52+00:00","dateModified":"2017-04-18T19:53:17+00:00","breadcrumb":{"@id":"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/digital-sentinel.com\/"},{"@type":"ListItem","position":2,"name":"HIPAA Enforcement Issues Straight from the Regulator"}]},{"@type":"Article","@id":"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#article","isPartOf":{"@id":"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#webpage"},"author":{"@id":"https:\/\/digital-sentinel.com\/#\/schema\/person\/78a25f0a40a470633a45d6c98b60f0b2"},"headline":"HIPAA Enforcement Issues Straight from the Regulator","datePublished":"2017-04-18T19:52:52+00:00","dateModified":"2017-04-18T19:53:17+00:00","mainEntityOfPage":{"@id":"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#webpage"},"wordCount":956,"commentCount":0,"publisher":{"@id":"https:\/\/digital-sentinel.com\/#organization"},"image":{"@id":"https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#primaryimage"},"thumbnailUrl":"https:\/\/digital-sentinel.com\/wp-content\/uploads\/transfer_secure_digital_sentinel.jpg","keywords":["adit","regulation","transfer"],"articleSection":["Auditing","Regulation","transfer"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/digital-sentinel.com\/transfer\/hipaa-enforcement-issues-straight-regulator\/#respond"]}]},{"@type":"Person","@id":"https:\/\/digital-sentinel.com\/#\/schema\/person\/78a25f0a40a470633a45d6c98b60f0b2","name":"Digital-Sentinel","image":{"@type":"ImageObject","@id":"https:\/\/digital-sentinel.com\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/34ea0504bbaf2d4274b9488fb3281aa1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/34ea0504bbaf2d4274b9488fb3281aa1?s=96&d=mm&r=g","caption":"Digital-Sentinel"},"url":"https:\/\/digital-sentinel.com\/author\/digital-sentinel\/"}]}},"_links":{"self":[{"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/posts\/13104"}],"collection":[{"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/comments?post=13104"}],"version-history":[{"count":0,"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/posts\/13104\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/media\/13105"}],"wp:attachment":[{"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/media?parent=13104"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/categories?post=13104"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/tags?post=13104"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}