Iâm going to talk a little bit today about audit trails — sometimes called âaudit logsâ — and the vital role they can play in your ongoing efforts to keep Protected Health Information (PHI) safe, your workforce honest, and hackers at bay. What is an audit trail? According to Fundamentals of Law for Health Informatics …
Healthcare Providers: Why a Computerâs Audit Trail Is Important Read More »
Before the HIPAA Omnibus Rule went into effect last year, the standard for determining whether or not patients needed to be notified in the event of a breach of Protected Health Information (PHI) was pretty subjective. If, for instance, a computer with PHI  of 3000+ patients was stolen from a small practice, it was the …
The Newest Standard for Notifying Patients of a PHI Breach Read More »
The answer to that question is more complicated than a simple yes or no. âIt depends,â says it best. The reason lies in the law itself. The lawmakers who crafted the HIPAA legislation went to great lengths, it seems to me, to make the mandate non-prescriptive. Â HIPAA compliance doesnât expressly require the use or avoidance …
Is Texting PHI (Protected Health Information) Allowed by HIPAA? Read More »
For healthcare providers whoâve been putting off doing a risk assessment and developing a mitigation plan, Mary Barra, the CEO of General Motors, could make a compelling case against that kind of procrastination. If ten years earlier GM had identified the ignition switch in last yearâs headlines as a potentially deadly defect and taken steps …
HIPAA Risk Assessment: Lessons from General Motors Read More »
Eavesdrop on a conversation about HIPAA compliance and most likely youâll hear the words âprivacyâ and âsecurityâ — sometimes separately, often together, and usually in the context of safeguarding patient information. âSo, what exactly is the difference between âprivacyâ and âsecurityâ in relation to HIPAA compliance?â you ask. With todayâs HIPAA Quick Tip Iâll try …
HIPAA Privacy Rule. HIPAA Security Rule. Whatâs the Difference? Read More »
Before there was widespread access to email and the Internet, fax machines in healthcare practices were a common and accepted way to expeditiously share patient information with other providers. Convenient, affordable, easy to use, itâs no wonder fax machines are still whirring in a lot of offices. Maybe even yours. But with all the regulations …
To encrypt or not to encrypt, that is the question. Or to put it another way: To convert readable data into gibberish that must be decoded to become readable again — or not to convert readable data into gibberish that must be decoded to become readable again, that is the question. The Health Insurance Portability …
Cracking the Code of HHS Guidelines for Encryption of PHI Read More »
Let me set a scene where a Virtual Private Network (VPN) would be “just what the doctor ordered.” You’re out of town at a conference of healthcare professionals in your specialty. Before you left home, a colleague asked you to consult on a paricular case. She said she would email you the patient’s test results …
The Pluses of a Virtual Private Network for Exchanging PHI Remotely Read More »
The single most common way Protected Health Information (PHI) is compromised is through the loss of devices themselves, whether this happens by accident or by theft. Technology — thumb drives, CDs, smart phones, tablets — has made it possible for large amounts of information to be tucked into our pockets or purses and carried to …
The Basics of Mobile Device Security for Protected Health Information Read More »
When it comes to safeguarding Protected Health Information (PHI), you could say, âIt takes a village.â Â The Omnibus Rule underscores the fact that protecting patientsâ health information and their right to privacy is the responsibility today not only of healthcare providers, but also of their business associates (BAs) whose work requires them to access PHI. …
Basics of a Good Business Associate Agreement for HIPAA Read More »
