Touchstone Compliance

Protected Health Information

The Basics of Mobile Device Security for Protected Health Information

The single most common way Protected Health Information (PHI) is compromised is through the loss of devices themselves, whether this happens by accident or by theft. Technology — thumb drives, CDs, smart phones, tablets — has made it possible for large amounts of information to be tucked into our pockets or purses and carried to […]

The Basics of Mobile Device Security for Protected Health Information Read More »

Basics of a Good Business Associate Agreement for HIPAA

When it comes to safeguarding Protected Health Information (PHI), you could say, “It takes a village.”  The Omnibus Rule underscores the fact that protecting patients’ health information and their right to privacy is the responsibility today not only of healthcare providers, but also of their business associates (BAs) whose work requires them to access PHI.

Basics of a Good Business Associate Agreement for HIPAA Read More »

Basic Guide to Thwarting Theft of Protected Health Information

Fact: According to the latest HIPAA and Breach Enforcement Stats from the Office of Civil Rights (the arm of Health and Human Services responsible for HIPAA enforcement), theft is the leading cause of reported breaches. Last year, as a direct result of a breach report of a stolen unencrypted laptop, Concentra Health Services paid OCR

Basic Guide to Thwarting Theft of Protected Health Information Read More »

Urban Legends & the HIPAA Risk Analysis

Strange as it might seem, HIPAA compliance and the New York City sewer system share a connection. Both have given rise to “stories with little or no supporting evidence that spread spontaneously in varying forms and often have elements of humor, moralizing, or horror” — in other words, both contain  the stuff of “urban legends.”

Urban Legends & the HIPAA Risk Analysis Read More »

Why Serious HIPAA Enforcement Is Inevitable

To borrow a phrase from Stephen Colbert, the Office of Civil Rights (OCR) — the department in charge of HIPAA enforcement — got a “wag of the finger” a while back from the Health and Human Services Office of the Inspector General. And that’s bound to have an impact on healthcare offices everywhere. A November

Why Serious HIPAA Enforcement Is Inevitable Read More »