Touchstone Compliance

Omnibus rule

Recent Changes in the Notice of Privacy Practices: What You Need to Know

If there’s one aspect of HIPAA compliance it seems every office implements, it’s the Notice of Privacy Practices (NPP) — the document that informs patients of the permitted uses and disclosures of their Protected Health Information (PHI) and also spells out their rights as patients regarding their own access to their PHI. I can vouch […]

The Newest Standard for Notifying Patients of a PHI Breach

Before the HIPAA Omnibus Rule went into effect last year, the standard for determining whether or not patients needed to be notified in the event of a breach of Protected Health Information (PHI) was pretty subjective. If, for instance, a computer with PHI of 3000+ patients was stolen from a small practice, it was the

Basics of a Good Business Associate Agreement for HIPAA

When it comes to safeguarding Protected Health Information (PHI), you could say, “It takes a village.” The Omnibus Rule underscores the fact that protecting patients’ health information and their right to privacy is the responsibility today not only of healthcare providers, but also of their business associates (BAs) whose work requires them to access PHI.

Having Business Associate Agreements Can Save a Healthcare Office Boku Bucks

“The times they are a changin’,” Bob Dylan sang in the Sixties. And they still are, especially when it comes to HIPAA and its regulations regarding Business Associate Agreements. The Omnibus Rule that went into effect in September of 2013 makes it clear that business associates of healthcare practices now have to comply with many

Most HIPAA Checklists Are a Waste of Time. Here’s Why.

Just now, out of curiosity, I Googled the words “HIPAA compliance checklist.” Within .20 seconds I got 2,470,000 results. Page after Google page of businesses, legal firms, healthcare organizations, and government agencies offering everything from “Ten-Point HIPAA Checklists” to “$89 Compliance Checklists.” The appeal of such lists is undeniable. Knowing what I know about HIPAA
