EHR, Meaningful use, ICD-10, Electronic Health Records

HIPAA and Compliance News

How to Implement Strong HIPAA Technical Safeguards

July 27, 2015 - Having strong HIPAA technical safeguards is essential for healthcare organizations of all sizes. However, it is also critical that those safeguards are not the only data security measure that covered entities rely on to keep data protected. Jeffrey Wilson, Director of Information Services, Assurance and IT Security at Albany Medical Center discussed the importance of HIPAA technical safeguards...


Articles

How the Patient Safety Rule Ties into HIPAA Regulations

There are many essential aspects to HIPAA regulations, and how covered entities and their business associates must work to remain compliant. The Patient Safety and Quality Improvement Act of 2005 (PSQIA) is another important regulation to understand,...

No HIPAA Violation for Employees Retaining PHI, Says Court

Former hospital employees who retained PHI following their termination at an Arkansas hospital did not commit a HIPAA violation, according to an Arkansas court decision. Pam Howard previously worked at the Division of General Surgery of the University...

AHA: Prohibit Health Plan Identifiers in HIPAA Transactions

The Department of Health and Human Services (HHS) should prohibit Health Plan Identifiers (HPID) and Other Entity Identifiers (OEID) when used within a HIPAA transaction, according to the American Hospital Association (AHA). The AHA submitted...

HIPAA Regulations Not Data Exchange Barrier, Says Halamka

HIPAA regulations can sometimes be used as an excuse for why healthcare organizations are unable to exchange information. Digital health information and health data sharing are increasingly necessary for the changing healthcare environment, according...

A Review of Common HIPAA Administrative Safeguards

HIPAA administrative safeguards are a critical piece to the larger health data security puzzle that all covered entities must put together. The three types of safeguards are not only a federal requirement, but they all play an important role...

Potential HIPAA Violations Found in LA County DPH Audit

An IT security audit at the L.A. County Department of Health (DPH) revealed potential HIPAA violations, and that there are several areas of improvement for DPH. There need to be better system access controls, IT equipment control, and computer...

NY Cancer Institute ePHI Security Audit Shows Proper Policies

An ePHI security audit of the Roswell Park Cancer Institute found that the organization has a strong information security program, but could still improve in its risk assessment ability, ePHI access controls, and certain technical safeguard implementations....

Mass. Hospital Hit With $200K OCR HIPAA Settlement

A Massachusetts hospital was fined $218,400 in a HIPAA settlement, according to a statement from the Department of Health and Human Services (HHS) Office for Civil Rights (OCR). Brighton, Massachusetts-based St. Elizabeth’s Medical Center...

A Review of Common HIPAA Physical Safeguards

HIPAA physical safeguards are an essential aspect to any covered entity’s PHI security, but could easily be overlooked. Technical safeguards and administrative safeguards could easily be pushed to the forefront of a covered entity’s...

Business Associates Benefit From HITRUST Program Expansion

The HIPAA Omnibus Rule requires that healthcare business associates adhere to HIPAA, and covered entities need to ensure that those third-parties remain diligent in their data security measures. In an effort to improve the relationship between...

Healthcare Not Only Industry Nervous About Compliance Audits

Healthcare compliance audits are reportedly coming soon, and covered entities of all sizes are working to ensure that they are prepared and have all data security issues ironed out. However, if a recent survey is any indication, healthcare is...

A Review of Common HIPAA Technical Safeguards

HIPAA technical safeguards are just one piece of the larger health data security plan that covered entities and their business associates must put together. However, it is a very important aspect. Over the next few weeks, HealthITSecurity.com...

Maintaining HIPAA Compliance While Preparing for HIPAA Audits

Federal regulators are actively preparing to conduct extensive audits to determine business compliance with HIPAA privacy and security requirements. Covered businesses that handle PHI, i.e.,  individually identifiable health information...

HIPAA Compliance and Mental Health: Breaking Down HIPAA Rules

HIPAA compliance is essential for covered entities and their business associates, but recent legislation has brought another issue to light: how can healthcare organizations stay HIPAA compliant when it comes to mental health? Some covered entities...

How Parkway Works Toward HIPAA Compliance

HIPAA compliance is something that all covered entities and their business associates need to work toward and closely monitor. No organization wants to miss a key security issue that eventually leads to a data breach. Successfully preparing for...

Why HIPAA Technical Safeguards Alone Are Not Enough

HIPAA technical safeguards are an important part of any covered entity or business associate’s data security plan. However, that security measure by itself is not enough to ensure that a health data breach will never occur, according to...

Patient Right of Access: Breaking Down HIPAA Rules

The HIPAA Privacy Rule dictates how covered entities must keep PHI secure, but another key aspect described in the federal legislation is the patient right of access. Individuals have the right to review or obtain copies of their own PHI, albeit...

HIPAA Privacy Rules Clarified in New Mental Health Bill

Representative Doris Matsui (D-CA) introduced legislation this week designed to clarify HIPAA privacy rules as they apply to mental health. The Including Families in Mental Health Recovery Act also aims to decrease mental health stigma, according...

Tenn. Governor Did Not Violate HIPAA, Says State AG

Earlier this week, Tennessee Attorney General Herbert Slattery concluded that the state’s governor did not violate HIPAA when he released certain information about state lawmakers who are on Tennessee’s health insurance program. Governor...

X

Sign up for our free HealthITSecurity.com newsletter and stay up to date with tips and advice on:

HIPAA
BYOD
Data Security
VDI
Cloud Security

Our privacy policy

no, thanks