Even though telephone conversations and answering machines are considered outdated or passe to some people, it remains necessary to sometimes leave a message for the intended call recipient. In healthcare, voice messages are often necessary for appointment reminders, follow-up calls, and communication to patients. Within the realm of HIPAA, what are you allowed to say?...
March 1st, 2022 is the deadline for breach reporting for HIPAA-covered entities and their business associates – and the date is fast approaching! The HIPAA Breach Notification Rule requirement means that HIPAA-covered entities, as well as any of their business associates, notify the appropriate parties, including the Office for Civil Rights (OCR) Secretary of Health...
In simple summary, a Business Associate Agreement (BAA) is a legal contract that exists between a Covered Entity and a Business Associate who comes into contact with Protected Health Information (PHI). Sometimes called a Business Associate Contract, it is critical and required to maintain HIPAA compliance. With the main bulk of PHI being stored electronically,...
Recently the Department of Health and Human Services (HHS) along with the Office for Civil Rights (OCR) issued an announcement regarding extreme risk protection order (ERPO) laws and the disclosure of protected health information (PHI). This published model was created as a way to provide each state with a framework to consider as they implement...
As we wrap up another calendar year, getting ready for holiday break means wrapping up more than presents. Take a moment to go over a few items that you should review to make sure they are done for 2021 or ready to go in the new year. Security Risk Assessment A Security Risk Assessment, or...
The HIPAA Security Rule requires healthcare providers and their business associates to implement physical, technical, and administrative safeguards to protect the electronic Protected Health Information (PHI) that they utilize. It establishes national standards to protect that information. These standards apply not just to covered entities, but any organization that handles PHI – including subcontractors and business associates. Administrative safeguards (also called...
Before you buy a home, an inspection is completed as a way of exposing any potential issues to you as a buyer. This can give you leverage when it comes to purchasing price negotiation since these liabilities can often present risks to you as a resident. Those risks can come in the form of cost...
Recently The HHS Office for Civil Rights (OCR) shared a comprehensive list of resources for any HIPAA-regulated entity to assist them in the prevention, detection, and mitigation of data breaches of protected health information that occurs because of hacking or ransomware. As a covered entity or business associate under HIPAA compliance, an attack on your...
Accessibility is Here to Stay Health Information Technology (Health IT) is an always evolving realm, with new tools coming to market as fast as we can master the old ones. With the advancement of technology comes a need for new software and security to maintain these systems. This past year has been one example of...
There was a time when you would walk into any doctor’s office and the sliding walls or file cabinets of patient folders seemed endless. Guarded like vaults, all the information safely under lock and key. And in addition to patient data, there is employee data, which likely contained personal and banking records. The “really” important...
Recent Comments