Healthcare Information Security

HIPAA Compliance

ONC: HIPAA Regulations Help, Not Hinder Interoperability

February 5, 2016 - It is a common misconception that HIPAA regulations hinder covered entities’ ability to move patient information, according to a recent blog post by ONC Chief Privacy Officer Lucia Savage, J.D. and ONC Privacy Analyst Aja Brooks, J.D. Contrary to the widely believed misconception, HIPAA enables interoperability in many ways, according to the duo. Along with protecting PHI, HIPAA allows...


Articles

Are You Prepared for the OCR HIPAA Audits?

by

If Paul Revere were alive today, instead of warning, “The British are coming!” he might proclaim to healthcare organizations, “The auditors are coming! Be prepared!” Although the HITECH Act audit requirement became effective...

What are Top HIPAA Compliance Concerns, Obstacles?

by

Maintaining HIPAA compliance should always be a key area for leaders in the healthcare industry, but as technology continues to evolve, there are numerous factors coming into play that could affect how organizations keep patient data secure....

HIPAA Regulation Updates Bring Mixed Reactions, Concerns

by

The executive order from earlier this month that brought forth changes to HIPAA regulations has been met with both positive and negative reactions thus far. Some groups state the modifications will help reduce violence and firearm injuries, while...

Are Better HIPAA Guidelines Needed for Health Apps, Devices?

by

The recent OCR HIPAA guidelines discussing patient access to health records is a positive step forward, according to one association, but more needs to be done to ensure better regulations for health apps and device companies. ACT | The App Association...

How Administrative Safeguards Can Prevent Data Breaches

by

Preventing healthcare data breaches is a common goal for covered entities of all sizes. It can be easy to let the importance of administrative safeguards fall behind other areas, such as concerns over hacking and stolen devices, but organizations...

Lack of Risk Assessment Key in UWM $750K HIPAA Settlement

by

The University of Washington Medicine (UWM) recently agreed to a $750,000 fine as part of a HIPAA settlement, which was the result of a 2013 incident. UWM filed a breach report to OCR November 27, 2013, where an email containing malicious malware...

HIPAA Compliance, Data Breaches Are Top 2015 Stories

by

As 2015 comes to an end, it can be beneficial to review the top issues that covered entities and their business associates encountered on a daily basis. Understanding HIPAA compliance will be critical for 2016, especially as the Office for Civil...

State HIPAA Settlement Reached in URMC Data Breach Case

by

New York Attorney General Eric T. Schneiderman reached a HIPAA settlement with the University of Rochester Medical Center (URMC), following a healthcare data breach from last spring that compromised approximately 3,400 patients’ PHI. As...

The OCR HIPAA Compliance Audits Procedure: A Review

by

The Department of Health & Human Services (HHS) Office for Civil Rights (OCR) has reportedly begun to implement its next round of HIPAA compliance audits, set to take place in the early part of 2016. Earlier this week, HealthITSecurity.com...

Reviewing HIPAA Compliance Enforcement Actions

by

With the next round of OCR HIPAA audits reportedly set to take place next year, no healthcare organization can assume that it will not be affected. To the same effect, business associates must also ensure that they are in full HIPAA compliance....

Health Data Privacy Part of DRAP Security Accreditation

by

As health data privacy becomes a heightened concern for health data organizations, the Electronic Healthcare Network Accreditation Commission (EHNAC) developed the Data Registry Accreditation Program (DRAP). Earlier this week, EHNAC awarded its...

AHA Discusses Mental Health Legislation, HIPAA Regulations

by

The American Health Association (AHA) recently announced its support of mental health legislation that would potentially affect current HIPAA regulations and also allow states to use federal Medicaid funds to cover services for adults in inpatient...

The Opportunity and Challenge in Healthcare Data Security

by

Healthcare data security is essential for every covered entity and business associate. Regardless of size, an organization could find itself the victim of a data breach. Patient data must be protected, which can be an increasing challenge as...

How Do HIPAA Regulations Apply After Death?

by

HIPAA regulations help ensure that covered entities and business associates put in the necessary safeguards to keep individuals sensitive medical information secure. But what happens after a patient passes away? Are healthcare providers still...

Study Shows OCR HIPAA Compliance, Breach Recovery Lacking

by

The Office for Civil Rights (OCR) has room for improvement in several health data security areas, including its HIPAA compliance and ability to follow up on PHI data breaches, according to two separate reports from the Office of Inspector General...

HIPAA Regulations and Family Medical History

by

HIPAA regulations are meant to keep individuals’ PHI secure and out of the hands of unauthorized users. In previous weeks, HealthITSecurity.com has discussed how PHI should be handled in numerous situations, and in which situations it is...

Fitbit Announces New HIPAA Compliance Safeguards

by

Fitbit, Inc. recently announced that it now has HIPAA compliance safeguards in place to ensure that Fitbit Wellness customers can stay aligned with federal compliance standards. Fitbit Wellness is a “business-to-business offering that provides...

Breaking Down HIPAA Regulations in Emergencies

by

While HIPAA regulations are something that all covered entities need to incorporate in daily operations, it is not always simple to understand how those federal regulations apply to certain situations. For example, when there is potentially a...

Notice of Privacy Practices for PHI: Breaking Down HIPAA

by

A notice of privacy practices (NPP) for PHI is a critical part of the HIPAA Privacy Rule that covered entities of all sizes need to understand. This piece of communication is also essential for the relationship between a health plan or provider...

Continue to site...