HIPAA compliance – Touchstone Compliance

Most HIPAA Checklists Are a Waste of Time. Here’s Why.

Just now, out of curiosity, I Googled the words “HIPAA compliance checklist.” Within .20 seconds I got 2,470,000 results. Page after Google page of businesses, legal firms, healthcare organizations, and government agencies offering everything from “Ten-Point HIPAA Checklists” to “$89 Compliance Checklists.” The appeal of such lists is undeniable. Knowing what I know about HIPAA […]

Most HIPAA Checklists Are a Waste of Time. Here’s Why. Read More »

Policies and Procedures – A Starter List for HIPAA Compliance

Leave a Comment / Policies and Procedures / Roman Diaz

Policies and procedures play a key role in HIPAA compliance. Here’s a partial list of the policies and procedures every healthcare practice needs to have in place.

Policies and Procedures – A Starter List for HIPAA Compliance Read More »

HIPAA, Britney Spears, and Protected Health Information

Leave a Comment / audit trail, Data Security, HIPAA Privacy Rule, HIPAA Security Rule / Roman Diaz

I don’t know much about Ms. Spears. I’ve no idea who she’s paired with at the moment. And if I saw an Enquirer headline that read, “North Woods Shocker: Britney Marries Bigfoot,” I would not be tempted to buy a copy. But a lot of people are curious about celebrities like Britney Spears or Kim

HIPAA, Britney Spears, and Protected Health Information Read More »

How Falling Prey to a Phishing Expedition Puts PHI at Risk

Leave a Comment / HIPAA Quick Tip / Roman Diaz

Phishing has become so commonplace, the word has made its way into the dictionary: Phish — to try to obtain financial or other confidential information from Internet users, typically by sending an e-mail that looks as if it is from a legitimate organization, usually a financial institution, but contains a link to a fake website

How Falling Prey to a Phishing Expedition Puts PHI at Risk Read More »

Recent Changes in the Notice of Privacy Practices: What You Need to Know

Leave a Comment / Notice of Privacy Practices / Roman Diaz

If there’s one aspect of HIPAA compliance it seems every office implements, it’s the Notice of Privacy Practices (NPP) — the document that informs patients of the permitted uses and disclosures of their Protected Health Information (PHI) and also spells out their rights as patients regarding their own access to their PHI. I can vouch

Recent Changes in the Notice of Privacy Practices: What You Need to Know Read More »

The Pluses of a Virtual Private Network for Exchanging PHI Remotely

Leave a Comment / HIPAA Quick Tip, HIPAA Security Rule / Roman Diaz

Let me set a scene where a Virtual Private Network (VPN) would be “just what the doctor ordered.” You’re out of town at a conference of healthcare professionals in your specialty. Before you left home, a colleague asked you to consult on a paricular case. She said she would email you the patient’s test results

The Pluses of a Virtual Private Network for Exchanging PHI Remotely Read More »

Healthcare Providers: Why a Computer’s Audit Trail Is Important

Leave a Comment / audit trail, HIPAA Security Rule / Roman Diaz

I’m going to talk a little bit today about audit trails — sometimes called “audit logs” — and the vital role they can play in your ongoing efforts to keep Protected Health Information (PHI) safe, your workforce honest, and hackers at bay. What is an audit trail? According to Fundamentals of Law for Health Informatics

Healthcare Providers: Why a Computer’s Audit Trail Is Important Read More »

The Newest Standard for Notifying Patients of a PHI Breach

Leave a Comment / HIPAA Security Rule, Omnibus Rule, PHI Breach / Roman Diaz

Before the HIPAA Omnibus Rule went into effect last year, the standard for determining whether or not patients needed to be notified in the event of a breach of Protected Health Information (PHI) was pretty subjective. If, for instance, a computer with PHI of 3000+ patients was stolen from a small practice, it was the

The Newest Standard for Notifying Patients of a PHI Breach Read More »

6 Symptoms of a Possible Computer Virus

Leave a Comment / HIPAA Quick Tip, HIPAA Security Rule / Roman Diaz

In your line of work, people come to you every day with symptoms. Chest pains. Chills. Blurred vision. Toothaches. And every day you draw on your years of medical, optometry, or dental training and your skills as a diagnostician to figure what’s wrong and how to fix it. As a healthcare professional, it’s what you

6 Symptoms of a Possible Computer Virus Read More »

Urban Legends & the HIPAA Risk Analysis

Leave a Comment / HIPAA Security Rule, risk assessment / Roman Diaz

Strange as it might seem, HIPAA compliance and the New York City sewer system share a connection. Both have given rise to “stories with little or no supporting evidence that spread spontaneously in varying forms and often have elements of humor, moralizing, or horror” — in other words, both contain the stuff of “urban legends.”

Urban Legends & the HIPAA Risk Analysis Read More »