Health IT Security and Compliance

HIPAA Right of Access Goes to the Dentist

By Matt Fisher – Covered entities as defined by HIPAA come in various types and shapes. It is not just a physician’s office or a hospital. Any entity that provides healthcare services and bills insurance (very gross oversimplification) can and likely does qualify as a covered entity.


HIPAA & Cybersecurity Insurance

By Art Gross – Healthcare businesses need to be aware of the requirements that come with a cybersecurity insurance policy. In a world of online profiles, splashy websites, and great social media campaigns, businesses can misrepresent themselves in more ways than one.


Long Trail for Extra Tissue Samples

By Matt Fisher – In healthcare, many layers always exist around seemingly each and every issue. The ongoing utilization of extra blood from newborn heel stick samples provides the latest example. The concerns raised go to privacy and informed consent as the primary issues.


HIPAA Compliant Chat

By Art Gross – Being available to your patients 24/7 isn’t practical for most healthcare practices. Chat services can provide a response option or even resolution until normal business hours resume. Additionally, chats can offer initial patient care or registration services.


Garbage Can Cause HIPAA Issues

By Matt Fisher – Throwing out the trash is an everyday occurrence whether in personal or business life. However, when it comes to healthcare organizations, it is necessary to think about what trash goes where. The consideration goes beyond the difference between regular waste and hazardous medical waste.


Portability in HIPAA

By Art Gross – There are many aspects of HIPAA. And sometimes there isn’t a clear understanding of what it covers. We also find that it is the “P” that often trips people up. Because of the strong emphasis on confidentiality, security, and safe handling of information, there is an assumption that the word Privacy is part of the title.



NIST and HIPAA

By Art Gross – The National Institute of Standards and Technology has provided updated guidance for the health care industry. Designed to help with electronically protected health information, they have created a new draft titled Implementing the HIPAA Security Rule: A Cybersecurity Resource Guide.