Touchstone Compliance

Health and Human Services

Cracking the Code of HHS Guidelines for Encryption of PHI

To encrypt or not to encrypt, that is the question. Or to put it another way: To convert readable data into gibberish that must be decoded to become readable again — or not to convert readable data into gibberish that must be decoded to become readable again, that is the question. The Health Insurance Portability […]

Cracking the Code of HHS Guidelines for Encryption of PHI Read More »

Recent Changes in the Notice of Privacy Practices: What You Need to Know

If there’s one aspect of HIPAA compliance it seems every office implements, it’s the Notice of Privacy Practices (NPP) — the document that informs patients of the permitted uses and disclosures of their Protected Health Information (PHI) and also spells out their rights as patients regarding their own access to their PHI. I can vouch

Recent Changes in the Notice of Privacy Practices: What You Need to Know Read More »

Healthcare Providers: Why a Computer’s Audit Trail Is Important

I’m going to talk a little bit today about audit trails — sometimes called “audit logs” — and the vital role they can play in your ongoing efforts to keep Protected Health Information (PHI) safe, your workforce honest, and hackers at bay. What is an audit trail? According to Fundamentals of Law for Health Informatics

Healthcare Providers: Why a Computer’s Audit Trail Is Important Read More »

Basic Guide to Thwarting Theft of Protected Health Information

Fact: According to the latest HIPAA and Breach Enforcement Stats from the Office of Civil Rights (the arm of Health and Human Services responsible for HIPAA enforcement), theft is the leading cause of reported breaches. Last year, as a direct result of a breach report of a stolen unencrypted laptop, Concentra Health Services paid OCR

Basic Guide to Thwarting Theft of Protected Health Information Read More »

Why Serious HIPAA Enforcement Is Inevitable

To borrow a phrase from Stephen Colbert, the Office of Civil Rights (OCR) — the department in charge of HIPAA enforcement — got a “wag of the finger” a while back from the Health and Human Services Office of the Inspector General. And that’s bound to have an impact on healthcare offices everywhere. A November

Why Serious HIPAA Enforcement Is Inevitable Read More »

The Role of a Practice’s HIPAA Privacy Officer

  Exactly when an HHS auditor will visit your office is anybody’s guess. But I do know the first words an auditor is likely to say when he/she arrives to assess how the practice is doing with HIPAA compliance: “I’m from Health and Human Services and I’d like to speak with your Privacy Officer.”Roblox Robux

The Role of a Practice’s HIPAA Privacy Officer Read More »