Safeguarding ePHI (electronic Protected Health Information) isn’t the sole responsibility of a healthcare office’s IT person. It’s a team effort that depends on everyone adhering to good computer practices.
A New Approach to ePHI Security in Your Practice Read More »
Some providers believe the solution to HIPAA’s Policies and Procedures requirement is to buy a bunch of templates, fill in all the blanks that say NAME OF YOUR PRACTICE HERE, put those pages in a binder, slide the binder on a shelf, and be done with it. Templates can provide an acceptable starting point, but Policies and Procedures need to be specific to each practice.
Are Templates for HIPAA Policies & Procedures a Good Idea? Read More »
Does a Miley Cyrus video with over 750 million views offer any insights into what HIPAA says about data disposal? Well, consider this: The massive wrecking ball Ms. Cyrus sits on in the video swings between cinder-block walls. And before the hit song is over, they’re reduced to rubble, destroyed beyond recognition. If it’s not
HIPAA & The Miley-Cyrus Approach to Data Disposal Read More »
Phishing has become so commonplace, the word has made its way into the dictionary: Phish — to try to obtain financial or other confidential information from Internet users, typically by sending an e-mail that looks as if it is from a legitimate organization, usually a financial institution, but contains a link to a fake website
How Falling Prey to a Phishing Expedition Puts PHI at Risk Read More »
Before there was widespread access to email and the Internet, fax machines in healthcare practices were a common and accepted way to expeditiously share patient information with other providers. Convenient, affordable, easy to use, it’s no wonder fax machines are still whirring in a lot of offices. Maybe even yours. But with all the regulations
9 Safeguards for a HIPAA Compliant Fax Read More »
To encrypt or not to encrypt, that is the question. Or to put it another way: To convert readable data into gibberish that must be decoded to become readable again — or not to convert readable data into gibberish that must be decoded to become readable again, that is the question. The Health Insurance Portability
Cracking the Code of HHS Guidelines for Encryption of PHI Read More »
If you or someone on your staff opens one of these diabolic — yet seemingly innocent — email attachments, they can infect the office’s computers and make running your practice “hella” difficult until they’re fixed. Email attachments are a common source of viruses and worms. When opened, they can give hackers control of your computer,
Beware of the Email Attachments from Hell Read More »
I’m going to talk a little bit today about audit trails — sometimes called “audit logs” — and the vital role they can play in your ongoing efforts to keep Protected Health Information (PHI) safe, your workforce honest, and hackers at bay. What is an audit trail? According to Fundamentals of Law for Health Informatics
Healthcare Providers: Why a Computer’s Audit Trail Is Important Read More »
Before the HIPAA Omnibus Rule went into effect last year, the standard for determining whether or not patients needed to be notified in the event of a breach of Protected Health Information (PHI) was pretty subjective. If, for instance, a computer with PHI  of 3000+ patients was stolen from a small practice, it was the
The Newest Standard for Notifying Patients of a PHI Breach Read More »
The answer to that question is more complicated than a simple yes or no. “It depends,” says it best. The reason lies in the law itself. The lawmakers who crafted the HIPAA legislation went to great lengths, it seems to me, to make the mandate non-prescriptive.  HIPAA compliance doesn’t expressly require the use or avoidance
Is Texting PHI (Protected Health Information) Allowed by HIPAA? Read More »
