Fact: According to the latest HIPAA and Breach Enforcement Stats from the Office of Civil Rights (the arm of Health and Human Services responsible for HIPAA enforcement), theft is the leading cause of reported breaches. Last year, as a direct result of a breach report of a stolen unencrypted laptop, Concentra Health Services paid OCR […]
Basic Guide to Thwarting Theft of Protected Health Information Read More »
Strange as it might seem, HIPAA compliance and the New York City sewer system share a connection. Both have given rise to “stories with little or no supporting evidence that spread spontaneously in varying forms and often have elements of humor, moralizing, or horror” — in other words, both contain  the stuff of “urban legends.”
Urban Legends & the HIPAA Risk Analysis Read More »
“The times they are a changin’,” Bob Dylan sang in the Sixties. And they still are, especially when it comes to HIPAA and its regulaltions regarding Business Associate Agreements. The Omnibus Rule that went into effect in September of 2013 makes it clear that business associates of healthcare practices now have to comply with many
Having Business Associate Agreements Can Save a Healthcare Office Boku Bucks Read More »
My brother-in-law retired a few years ago after more than three decades in private practice. He ran his busy office the old fashioned way — without computers. His patients’ records were kept in manila folders filed in a wall of shelves. In longhand, his office manager recorded appointments in a big black book and
How to Prepare for the Risk Assessment HIPAA Requires Read More »
As part of HIPAA compliance, every healthcare office must have a Privacy Officer and a Security Officer. This article describes the responsibilities of each.
In the event of a disaster, here’s what every healthcare provider needs to know about data backup of Personal Health Information (PHI and ePHI).
How Data Backup Can Save a Healthcare Practice in a Disaster Read More »
To borrow a phrase from Stephen Colbert, the Office of Civil Rights (OCR) — the department in charge of HIPAA enforcement — got a “wag of the finger” a while back from the Health and Human Services Office of the Inspector General. And that’s bound to have an impact on healthcare offices everywhere. A November
Why Serious HIPAA Enforcement Is Inevitable Read More »
As soon as you discover that’s there’s been a breach of PHI, HIPAA requires that “without unreasonable delay” you notify those patients whose information is involved and in danger of being compromised. This article discusses how to do that.
When a PHI Breach Happens: What to Tell Your Patients Read More »
It’s happened in hundreds of offices. A thirsty staff member brings a beverage to a computer workstation. Sets in down within easy reach. Logs on to the computer and turns her attention to the screen. A few minutes later, she absently reaches for the drink. Accidentally knocks it over. Gasps as the cola from her
8 Simple Physical Safeguards for Protected Health Information Read More »
Does a Miley Cyrus video with over 750 million views offer any insights into what HIPAA says about data disposal? Well, consider this: The massive wrecking ball Ms. Cyrus sits on in the video swings between cinder-block walls. And before the hit song is over, they’re reduced to rubble, destroyed beyond recognition. If it’s not
HIPAA & The Miley-Cyrus Approach to Data Disposal Read More »
