As we wrap up National Cybersecurity Awareness Month, we’re going to take a look at the importance of protecting your physical devices. The panic that sets in when you misplace your phone or laptop is overwhelming. But that feeling is amplified if that device contains patient information or access to it. When we mention your...
The HIPAA Security Rule mandates that covered entities must conduct a security risk assessment or SRA. This includes health care plans for individuals, government plans (Medicare, Medicaid, Obamacare), and employer-sponsored plans. Providers that conduct electronic health care transactions must comply with the Security Rule. This means conducting an SRA. It is recommended that this occurs...
The HHS Office for Civil Rights (OCR) has announced resolutions regarding three HIPAA violation investigations. These settlements result from a years-long emphasis on enforcing this regulation by the OCR. There were three dental practices that were given fines with regard to the potential violation of the HIPAA Privacy Rule’s patient right of access. Recently appointed...
Is Your Trash a HIPAA Violation? In the case of the New England Dermatology and Laser Center (NEDLC), their trash was a violation. And a costly one with a $300,640 fee attached. A security guard found a container with identifying information on the attached label. As a result, an investigation by the Department of Health...
Even though telephone conversations and answering machines are considered outdated or passe to some people, it remains necessary to sometimes leave a message for the intended call recipient. In healthcare, voice messages are often necessary for appointment reminders, follow-up calls, and communication to patients. Within the realm of HIPAA, what are you allowed to say?...
The Health Insurance Portability and Accountability Act, or as it is commonly known as HIPAA, was created to set standards nationally. These are in place to protect the personal health information and medical records of individuals as well as give them access easily. As the March 1st deadline for reporting a breach draws closer, knowing...
March 1st, 2022 is the deadline for breach reporting for HIPAA-covered entities and their business associates – and the date is fast approaching! The HIPAA Breach Notification Rule requirement means that HIPAA-covered entities, as well as any of their business associates, notify the appropriate parties, including the Office for Civil Rights (OCR) Secretary of Health...
It’s fast and easy, and you can often work more efficiently with an email exchange than if you must make phone calls or schedule appointments to discuss patient care. But where does that exchange fall when it comes to HIPAA compliance? The HIPAA Security Rule introduced several requirements to consider before an email can be...
Recently the Department of Health and Human Services (HHS) along with the Office for Civil Rights (OCR) issued an announcement regarding extreme risk protection order (ERPO) laws and the disclosure of protected health information (PHI). This published model was created as a way to provide each state with a framework to consider as they implement...
HIPAA Right to Access Initiative is Alive & Well In 2019 we witnessed the Office for Civil Rights (OCR) make it public that they were going to up their efforts when it came to enforcing the rights of an individual to access their health records. This is known as the HIPAA Right of Access initiative. ...
© 2026 · HIPAA Secure Now!
Recent Comments