Touchstone Compliance

HIPAA Security Rule

HIPAA, Britney Spears, and Protected Health Information

I don’t know much about Ms. Spears. I’ve no idea who she’s paired with at the moment. And if I saw an Enquirer headline that read, “North Woods Shocker: Britney Marries Bigfoot,” I would not be tempted to buy a copy. But a lot of people are  curious about celebrities like Britney Spears or Kim

HIPAA, Britney Spears, and Protected Health Information Read More »

Are Templates for HIPAA Policies & Procedures a Good Idea?

Some providers believe the solution to HIPAA’s Policies and Procedures requirement is to buy a bunch of templates, fill in all the blanks that say NAME OF YOUR PRACTICE HERE, put those pages in a binder, slide the binder on a shelf, and be done with it. Templates can provide an acceptable starting point, but Policies and Procedures need to be specific to each practice.

Are Templates for HIPAA Policies & Procedures a Good Idea? Read More »

8 Simple Physical Safeguards for Protected Health Information

It’s happened in hundreds of offices. A thirsty staff member brings a beverage to a computer workstation. Sets in down within easy reach. Logs on to the computer and turns her attention to the screen. A few minutes later, she absently reaches for the drink. Accidentally knocks it over. Gasps as the cola from her

8 Simple Physical Safeguards for Protected Health Information Read More »

HIPAA & The Miley-Cyrus Approach to Data Disposal

Does a Miley Cyrus video with over 750 million views offer any insights into what HIPAA says about data disposal? Well, consider this: The massive wrecking ball Ms. Cyrus sits on in the video swings between cinder-block walls. And before the hit song is over, they’re reduced to rubble, destroyed beyond recognition. If it’s not

HIPAA & The Miley-Cyrus Approach to Data Disposal Read More »

9 Safeguards for a HIPAA Compliant Fax

Before there was widespread access to email and the Internet, fax machines in healthcare practices were a common and accepted way to expeditiously share patient information with other providers. Convenient, affordable, easy to use, it’s no wonder fax machines are still whirring in a lot of offices. Maybe even yours. But with all the regulations

9 Safeguards for a HIPAA Compliant Fax Read More »

The Pluses of a Virtual Private Network for Exchanging PHI Remotely

Let me set a scene where a Virtual Private Network (VPN) would be “just what the doctor ordered.” You’re out of town at a conference of healthcare professionals in your specialty. Before you left home, a colleague asked you to consult on a paricular case. She said she would email you the patient’s test results

The Pluses of a Virtual Private Network for Exchanging PHI Remotely Read More »

Healthcare Providers: Why a Computer’s Audit Trail Is Important

I’m going to talk a little bit today about audit trails — sometimes called “audit logs” — and the vital role they can play in your ongoing efforts to keep Protected Health Information (PHI) safe, your workforce honest, and hackers at bay. What is an audit trail? According to Fundamentals of Law for Health Informatics

Healthcare Providers: Why a Computer’s Audit Trail Is Important Read More »

The Newest Standard for Notifying Patients of a PHI Breach

Before the HIPAA Omnibus Rule went into effect last year, the standard for determining whether or not patients needed to be notified in the event of a breach of Protected Health Information (PHI) was pretty subjective.  If, for instance, a computer with PHI  of 3000+ patients was stolen from a small practice, it was the

The Newest Standard for Notifying Patients of a PHI Breach Read More »