The Year-Round Commitment to SRA Recommendations: A Pillar of HIPAA Compliance
As a covered entity or business associate, protecting sensitive patient information is not just a priority—it’s a legal and ethical obligation. HIPAA stands as the guardian of patient data, ensuring its security, privacy, and confidentiality. One of the cornerstones of HIPAA compliance is the...
While it’s easy to get caught up in the many, many words of policies and procedures, how your space physically looks and functions is just as important. Physical safeguards play a vital role in achieving HIPAA compliance and keeping sensitive data out of the wrong hands. Let’s look at six physical safeguards that every healthcare...
The Health and Human Services (HHS) Office for Civil Rights (OCR) is responsible for enforcing and protecting civil rights and privacy rights in the healthcare industry. With the increasing number of complaints and reviews regarding the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Act, the...
HIPAA & Tracking Technologies
Tracking technologies such as Google Analytics and Meta Pixel are designed to collect and analyze user data for online activity. The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently issued a notification regarding these and the obligation to HIPAA from the covered entities...
Having an asset management plan is essential to your healthcare business. Similar to how you’d want a list of your household items for insurance coverage in the event of theft or loss, you need to know the details and access them quickly, especially if an item goes missing or breaks. It is likely that your...
The HIPAA Security Rule mandates that covered entities must conduct a security risk assessment or SRA. This includes health care plans for individuals, government plans (Medicare, Medicaid, Obamacare), and employer-sponsored plans. Providers that conduct electronic health care transactions must comply with the Security Rule. This means conducting an SRA. It is recommended that this occurs...
Is Your Trash a HIPAA Violation?
In the case of the New England Dermatology and Laser Center (NEDLC), their trash was a violation, and a costly one, with a $300,640 fee attached. A security guard found a container with identifying information on the attached label. As a result, an investigation by the Department of Health...
The Office for Civil Rights (OCR) isn’t offering leniency just because you’re a small business. Action will be taken, despite the impact that a HIPAA fine can have on this sector of healthcare. Eleven recent investigations prove the point, and many of those were small practices. This brings the total to 38 enforcement actions...
18 HIPAA PHI Identifiers
HIPAA regulations are in place to ensure that you protect and secure the patient data that you, as a healthcare business, have access to and collect. The Department of Health and Human Services (HHS) has identified 18 patient identifier categories as it pertains to their guidance on satisfying the safe harbor...
“We’re being audited!” Those words strike fear and uncertainty in most of us – especially if you are in healthcare. But what actually happens in a HIPAA audit? Will a government official show up unannounced with a briefcase and ask for you to produce every bit of your business’s HIPAA documentation while sequestering your team...