EHR, Meaningful use, ICD-10, Electronic Health Records

HIPAA and Compliance News

Business Associates Benefit From HITRUST Program Expansion

June 29, 2015 - The HIPAA Omnibus Rule requires that healthcare business associates adhere to HIPAA, and covered entities need to ensure that those third-parties remain diligent in their data security measures. In an effort to improve the relationship between healthcare organizations and all applicable third-parties, The Health Information Trust Alliance (HITRUST) announced today that it is expanding its...


Articles

Healthcare Not Only Industry Nervous About Compliance Audits

Healthcare compliance audits are reportedly coming soon, and covered entities of all sizes are working to ensure that they are prepared and have all data security issues ironed out. However, if a recent survey is any indication, healthcare is...

A Review of Common HIPAA Technical Safeguards

HIPAA technical safeguards are just one piece of the larger health data security plan that covered entities and their business associates must put together. However, it is a very important aspect. Over the next few weeks, HealthITSecurity.com...

Maintaining HIPAA Compliance While Preparing for HIPAA Audits

Federal regulators are actively preparing to conduct extensive audits to determine business compliance with HIPAA privacy and security requirements. Covered businesses that handle PHI, i.e.,  individually identifiable health information...

HIPAA Compliance and Mental Health: Breaking Down HIPAA Rules

HIPAA compliance is essential for covered entities and their business associates, but recent legislation has brought another issue to light: how can healthcare organizations stay HIPAA compliant when it comes to mental health? Some covered entities...

How Parkway Works Toward HIPAA Compliance

HIPAA compliance is something that all covered entities and their business associates need to work toward and closely monitor. No organization wants to miss a key security issue that eventually leads to a data breach. Successfully preparing for...

Why HIPAA Technical Safeguards Alone Are Not Enough

HIPAA technical safeguards are an important part of any covered entity or business associate’s data security plan. However, that security measure by itself is not enough to ensure that a health data breach will never occur, according to...

Patient Right of Access: Breaking Down HIPAA Rules

The HIPAA Privacy Rule dictates how covered entities must keep PHI secure, but another key aspect described in the federal legislation is the patient right of access. Individuals have the right to review or obtain copies of their own PHI, albeit...

HIPAA Privacy Rules Clarified in New Mental Health Bill

Representative Doris Matsui (D-CA) introduced legislation this week designed to clarify HIPAA privacy rules as they apply to mental health. The Including Families in Mental Health Recovery Act also aims to decrease mental health stigma, according...

Tenn. Governor Did Not Violate HIPAA, Says State AG

Earlier this week, Tennessee Attorney General Herbert Slattery concluded that the state’s governor did not violate HIPAA when he released certain information about state lawmakers who are on Tennessee’s health insurance program. Governor...

Proposed Mental Health Bill Accounts for HIPAA Regulations

A recently introduced mental health bill would also ensure that individuals with mental illness can have their caregivers treated as personal representatives for the purposes of HIPAA regulations. The Helping Families in Mental Health Crisis...

Breaking Down the HIPAA Risk Assessment

Conducting a HIPAA risk assessment is something that every covered entity must do to ensure that they are properly monitoring potential weak spots in their data security. At the time of publication, the Office for Civil Rights (OCR) had not yet...

HIPAA Violation Leads to Probation for Radiologist

An Ohio radiologist is facing disciplinary actions from the state medical board after she reportedly committed a HIPAA violation. Dr. Aimee Hawley unlawfully accessed a colleague’s medical record, according to a DOTmed News article, and...

What Happens in HIPAA Audits: Breaking Down HIPAA Rules

HIPAA audits are something that covered entities of all sizes must be prepared to potentially go through. As technology continues to evolve, facilities need to ensure that they are maintaining PHI security and understand how best to keep sensitive...

Breaking Down PHI Security Breaches and Their Impact

With another large health data breach being announced this week, it is essential that covered entities of all sizes understand the intricacies of PHI security. However, there is an important distinction in types of data that healthcare organizations...

Accidental and Unauthorized Emails Create PHI Security Issues

No covered entity wants to notify patients of a potential PHI security incident, yet even with the appropriate safeguards in place, problems could still occur. When this happens, it is important to properly notify potentially affected individuals...

Judge Disagrees With Employee Firing Over HIPAA Violation

A Montana judge recently ruled that a healthcare employee’s HIPAA violation did not preclude her from protection under the National Labor Relations Act (NLRA). The employee had accessed personal information on coworkers for her union-organizing...

How Will New Research Bill Affect HIPAA Regulations?

A proposed health research bill could potentially affect the current HIPAA regulations, as it would allow covered entities or business associates to use or disclose PHI for research purposes without patient consent. Called 21st Century Cures,...

Phishing Scams: HIPAA Technical or Administrative Safeguard?

Phishing scams are not a new threat to the healthcare industry, but as other data security threats have evolved over time, so have phishing approaches. Early on, individuals might have gotten emails from someone claiming to be a prince from a...

Healthcare Authentication Factors: Breaking Down HIPAA

Strong technical safeguards are essential for covered entities, regardless of their size, and the right healthcare authentication factors are a critical aspect of those safeguards. Locking down end users, and maintaining technical safeguards...