CMS Emergency Preparedness Rule Takes Effect Nov. 15

In the wake of Hurricanes Harvey, Irma and Maria, the November 15, 2017 deadline for new Centers for Medicare and Medicaid Services regulations on emergency preparedness seems all the more critical. Hundreds of facilities were devastated by flooding and damage, leaving them without vital patient data and at risk of security breaches and Health Insurance Portability and Accountability Act violations. [...]

By |2017-10-13T10:37:21-07:00October 10, 2017|

Don’t Hit Reply: Why Your Company Could Violate HIPAA by Responding on Social Media

Does your health care company have a website, Yelp or Google profile, Facebook page, or a Twitter, Instagram or LinkedIn account? Do your patients have the ability to post or make comments on these different social media platforms? If you answered yes to both of these questions, your company should be concerned about potential exposure to the Health Insurance Portability [...]

By |2016-12-27T11:06:24-07:00May 23, 2016|

OCR Announces Phase 2 HIPAA Audit Launch

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced on March 21 that Phase 2 of its HIPAA audits is underway. More than 200 covered entities and business associates will be audited for potential violations of the privacy, security, and breach notification rules. Covered entities include individual and organizational health service providers, health plans, and health [...]

By |2016-12-27T11:06:25-07:00April 18, 2016|

New Guidelines Make It Easier for Patients to Access Medical Records

Most of us have heard of HIPAA, the Health Insurance Portability and Accountability Act of 1996, and know that it provides strong protection for the privacy of personal medical information. It also grants patients broad access to their own personal health information. Or at least it’s supposed to do that. Officials at the Department of Health and Human Services (HHS) [...]

By |2016-12-27T11:06:28-07:00February 2, 2016|

Texting Patient Information: BTW, Do U Know the Risks?

Does HIPAA allow health care providers to text protected health information (“PHI”) within an organization or to another health care provider? It is not expressly prohibited by HIPAA, but whether it is safe mostly depends on the adequacy of the controls used to safeguard PHI. Covered Entities, including health care providers, must comply with HIPAA Privacy and Security Rules to [...]

By |2016-12-27T11:06:52-07:00January 13, 2015|

Essential Estate Planning: Signing a HIPAA Authorization Form

Most people are familiar with HIPAA and what the acronym generally refers to, but not everyone thinks to account for HIPAA requirements in their estate plan. A signed HIPAA authorization form, however, should be included with any medical directive you create. HIPAA is the Health Insurance Portability and Accountability Act passed by Congress in 1996. The act was created to [...]

By |2016-12-27T11:06:56-07:00November 4, 2014|

Security Risks Raise Liability Questions for Hospitals

Recent media coverage of security risks to hospital equipment and systems, and the possibility of incredibly costly liability issues associated with those risks, serves as a timely reminder to hospitals and other health care organizations to strengthen policies and procedures created to protect the privacy and security of their patients and maintain compliance with the Health Insurance Portability and Accountability [...]

By |2016-12-27T11:07:08-07:00May 27, 2014|

Stimulus Bill Expands HIPAA Privacy Law

On February 17, 2009, President Obama signed the American Recovery and Reinvestment Act (otherwise known as the "Stimulus Bill") into law. Embedded in the lengthy Stimulus Bill is the Health Information Technology for Economic and Clinical Health Act ("HITECH Act") which significantly expands the scope of HIPAA. Many of the law's new HIPAA requirements take effect at the beginning of [...]

By |2016-02-01T08:46:36-07:00May 28, 2009|