As soon as you discover that’s there’s been a breach of PHI, HIPAA requires that “without unreasonable delay” you notify those patients whose information is involved and in danger of being compromised. This article discusses how to do that.
When a PHI Breach Happens: What to Tell Your Patients Read More »
It’s happened in hundreds of offices. A thirsty staff member brings a beverage to a computer workstation. Sets in down within easy reach. Logs on to the computer and turns her attention to the screen. A few minutes later, she absently reaches for the drink. Accidentally knocks it over. Gasps as the cola from her
8 Simple Physical Safeguards for Protected Health Information Read More »
Does a Miley Cyrus video with over 750 million views offer any insights into what HIPAA says about data disposal? Well, consider this: The massive wrecking ball Ms. Cyrus sits on in the video swings between cinder-block walls. And before the hit song is over, they’re reduced to rubble, destroyed beyond recognition. If it’s not
HIPAA & The Miley-Cyrus Approach to Data Disposal Read More »
Before there was widespread access to email and the Internet, fax machines in healthcare practices were a common and accepted way to expeditiously share patient information with other providers. Convenient, affordable, easy to use, it’s no wonder fax machines are still whirring in a lot of offices. Maybe even yours. But with all the regulations
9 Safeguards for a HIPAA Compliant Fax Read More »
To encrypt or not to encrypt, that is the question. Or to put it another way: To convert readable data into gibberish that must be decoded to become readable again — or not to convert readable data into gibberish that must be decoded to become readable again, that is the question. The Health Insurance Portability
Cracking the Code of HHS Guidelines for Encryption of PHI Read More »
Let me set a scene where a Virtual Private Network (VPN) would be “just what the doctor ordered.” You’re out of town at a conference of healthcare professionals in your specialty. Before you left home, a colleague asked you to consult on a paricular case. She said she would email you the patient’s test results
The Pluses of a Virtual Private Network for Exchanging PHI Remotely Read More »
I’m going to talk a little bit today about audit trails — sometimes called “audit logs” — and the vital role they can play in your ongoing efforts to keep Protected Health Information (PHI) safe, your workforce honest, and hackers at bay. What is an audit trail? According to Fundamentals of Law for Health Informatics
Healthcare Providers: Why a Computer’s Audit Trail Is Important Read More »
In a previous blog I talked about the importance of email security in today’s healthcare practices. I focused mainly on the advantages of using secure HIPAA compliant email in communications with patients, and how that kind of communication can earn a doctor or dentist a high rating on social media and, quite possibly, a better
The Truth about HIPAA Compliant Email Read More »
The answer to that question is more complicated than a simple yes or no. “It depends,” says it best. The reason lies in the law itself. The lawmakers who crafted the HIPAA legislation went to great lengths, it seems to me, to make the mandate non-prescriptive.  HIPAA compliance doesn’t expressly require the use or avoidance
Is Texting PHI (Protected Health Information) Allowed by HIPAA? Read More »
For healthcare providers who’ve been putting off doing a risk assessment and developing a mitigation plan, Mary Barra, the CEO of General Motors, could make a compelling case against that kind of procrastination. If ten years earlier GM had identified the ignition switch in last year’s headlines as a potentially deadly defect and taken steps
HIPAA Risk Assessment: Lessons from General Motors Read More »
