Roman Diaz – Touchstone Compliance

Most HIPAA Checklists Are a Waste of Time. Here’s Why.

Just now, out of curiosity, I Googled the words “HIPAA compliance checklist.” Within .20 seconds I got 2,470,000 results. Page after Google page of businesses, legal firms, healthcare organizations, and government agencies offering everything from “Ten-Point HIPAA Checklists” to “$89 Compliance Checklists.” The appeal of such lists is undeniable. Knowing what I know about HIPAA […]

Most HIPAA Checklists Are a Waste of Time. Here’s Why. Read More »

Policies and Procedures – A Starter List for HIPAA Compliance

Leave a Comment / Policies and Procedures / Roman Diaz

Policies and procedures play a key role in HIPAA compliance. Here’s a partial list of the policies and procedures every healthcare practice needs to have in place.

Policies and Procedures – A Starter List for HIPAA Compliance Read More »

A New Approach to ePHI Security in Your Practice

Leave a Comment / Data Security, HIPAA Security Rule / Roman Diaz

Safeguarding ePHI (electronic Protected Health Information) isn’t the sole responsibility of a healthcare office’s IT person. It’s a team effort that depends on everyone adhering to good computer practices.

A New Approach to ePHI Security in Your Practice Read More »

HIPAA, Britney Spears, and Protected Health Information

Leave a Comment / audit trail, Data Security, HIPAA Privacy Rule, HIPAA Security Rule / Roman Diaz

I don’t know much about Ms. Spears. I’ve no idea who she’s paired with at the moment. And if I saw an Enquirer headline that read, “North Woods Shocker: Britney Marries Bigfoot,” I would not be tempted to buy a copy. But a lot of people are curious about celebrities like Britney Spears or Kim

HIPAA, Britney Spears, and Protected Health Information Read More »

When a PHI Breach Happens: What to Tell Your Patients

Leave a Comment / Uncategorized / Roman Diaz

As soon as you discover that’s there’s been a breach of PHI, HIPAA requires that “without unreasonable delay” you notify those patients whose information is involved and in danger of being compromised. This article discusses how to do that.

When a PHI Breach Happens: What to Tell Your Patients Read More »

Santa Claus and HIPAA Compliance

Leave a Comment / Uncategorized / Roman Diaz

A HIPAA blog just for the holidays. What if Mr. Claus was injured in a run-in with a reindeer and a nurse in the hospital leaked the news?

Santa Claus and HIPAA Compliance Read More »

Are Templates for HIPAA Policies & Procedures a Good Idea?

Leave a Comment / HIPAA Privacy Rule, HIPAA Security Rule, Policies and Procedures / Roman Diaz

Some providers believe the solution to HIPAA’s Policies and Procedures requirement is to buy a bunch of templates, fill in all the blanks that say NAME OF YOUR PRACTICE HERE, put those pages in a binder, slide the binder on a shelf, and be done with it. Templates can provide an acceptable starting point, but Policies and Procedures need to be specific to each practice.

Are Templates for HIPAA Policies & Procedures a Good Idea? Read More »

Computer Virus Protection and Your Office

Leave a Comment / Uncategorized / Roman Diaz

But no matter how much we might wish that hackers weren’t so busy or so clever, malicious software in the form of viruses, worms, and “Trojan horses” is out there. Today’s blog will talk about specific steps healthcare practices can take to keep systems free from malware.

Computer Virus Protection and Your Office Read More »

Quick Tip: A Short Guide to a HIPAA Compliant Shredding

Leave a Comment / Uncategorized / Roman Diaz

Today, let’s do some trash talkin’ – and take a look at the HIPAA compliant way to dispose of papers that contain Protected Health Information (PHI). Even if much of your PHI is now in digital form (ePHI) and your office is well on its way to becoming paperless, chances are you still need a

Quick Tip: A Short Guide to a HIPAA Compliant Shredding Read More »

HIPAA, OSHA, and the Alphabet Soup of Government Regulations

Leave a Comment / Uncategorized / Roman Diaz

HIPAA deals mainly with safeguarding Protected Health Information (PHI) in all its forms. In essence, it’s a patient-centered law. OSHA, on the other hand, is all about working conditions.

HIPAA, OSHA, and the Alphabet Soup of Government Regulations Read More »