Roman Diaz – Page 3 – Touchstone Compliance

Recent Changes in the Notice of Privacy Practices: What You Need to Know

Leave a Comment / Notice of Privacy Practices / Roman Diaz

If there’s one aspect of HIPAA compliance it seems every office implements, it’s the Notice of Privacy Practices (NPP) — the document that informs patients of the permitted uses and disclosures of their Protected Health Information (PHI) and also spells out their rights as patients regarding their own access to their PHI. I can vouch […]

Recent Changes in the Notice of Privacy Practices: What You Need to Know Read More »

The Pluses of a Virtual Private Network for Exchanging PHI Remotely

Let me set a scene where a Virtual Private Network (VPN) would be “just what the doctor ordered.” You’re out of town at a conference of healthcare professionals in your specialty. Before you left home, a colleague asked you to consult on a paricular case. She said she would email you the patient’s test results

The Pluses of a Virtual Private Network for Exchanging PHI Remotely Read More »

Beware of the Email Attachments from Hell

Leave a Comment / HIPAA Quick Tip / Roman Diaz

If you or someone on your staff opens one of these diabolic — yet seemingly innocent — email attachments, they can infect the office’s computers and make running your practice “hella” difficult until they’re fixed. Email attachments are a common source of viruses and worms. When opened, they can give hackers control of your computer,

Beware of the Email Attachments from Hell Read More »

4 Proven Ways to Ward Off Computer Viruses

Leave a Comment / Uncategorized / Roman Diaz

My wife, Susan, views computers much the same way she views garage-door openers. She’ll be the first to say that the only thing she really cares to know about either is that when she clicks a certain button, things will work as they have and as they should. I suspect she isn’t alone in feeling

4 Proven Ways to Ward Off Computer Viruses Read More »

Free Tools to Help with the HIPAA Risk Analysis

Leave a Comment / Uncategorized / Roman Diaz

The results are in from the early HIPAA audits by Health and Human Services (HHS). Want to know what was the major weakness found by the government’s auditors? The compliance deficiency all-to-common among healthcare practices? It was, according to HHS, “the lack of a thorough risk analysis.”Time after time, auditors would ask to see evidence

Free Tools to Help with the HIPAA Risk Analysis Read More »

Healthcare Providers: Why a Computer’s Audit Trail Is Important

Leave a Comment / audit trail, HIPAA Security Rule / Roman Diaz

I’m going to talk a little bit today about audit trails — sometimes called “audit logs” — and the vital role they can play in your ongoing efforts to keep Protected Health Information (PHI) safe, your workforce honest, and hackers at bay. What is an audit trail? According to Fundamentals of Law for Health Informatics

Healthcare Providers: Why a Computer’s Audit Trail Is Important Read More »

The Newest Standard for Notifying Patients of a PHI Breach

Leave a Comment / HIPAA Security Rule, Omnibus Rule, PHI Breach / Roman Diaz

Before the HIPAA Omnibus Rule went into effect last year, the standard for determining whether or not patients needed to be notified in the event of a breach of Protected Health Information (PHI) was pretty subjective. If, for instance, a computer with PHI of 3000+ patients was stolen from a small practice, it was the

The Newest Standard for Notifying Patients of a PHI Breach Read More »

The Truth about HIPAA Compliant Email

Leave a Comment / Secure email / Roman Diaz

In a previous blog I talked about the importance of email security in today’s healthcare practices. I focused mainly on the advantages of using secure HIPAA compliant email in communications with patients, and how that kind of communication can earn a doctor or dentist a high rating on social media and, quite possibly, a better

The Truth about HIPAA Compliant Email Read More »

Is Texting PHI (Protected Health Information) Allowed by HIPAA?

Leave a Comment / HIPAA Security Rule, Texting PHI / Roman Diaz

The answer to that question is more complicated than a simple yes or no. “It depends,” says it best. The reason lies in the law itself. The lawmakers who crafted the HIPAA legislation went to great lengths, it seems to me, to make the mandate non-prescriptive. HIPAA compliance doesn’t expressly require the use or avoidance

Is Texting PHI (Protected Health Information) Allowed by HIPAA? Read More »

HIPAA Risk Assessment: Lessons from General Motors

Leave a Comment / HIPAA Security Rule, risk assessment / Roman Diaz

For healthcare providers who’ve been putting off doing a risk assessment and developing a mitigation plan, Mary Barra, the CEO of General Motors, could make a compelling case against that kind of procrastination. If ten years earlier GM had identified the ignition switch in last year’s headlines as a potentially deadly defect and taken steps

HIPAA Risk Assessment: Lessons from General Motors Read More »