By Matt Fisher – Communication by text or email is a part of daily life. Such forms of communication occur non-stop and through a variety of means whether it be Gmail, WhatsApp, iMessage, or any other number of services.
Read More
By Matt Fisher – Regulatory schemes for the protection of data, whether healthcare or otherwise, are often criticized in the US for being fragmentary and siloed. No coordinated regulatory framework exists because that is not the way the law was implemented.
By Rita Bowen – As of September 30, 2013, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has received over 141,754 complaints. Over 24,500 of these led to OCR investigations, resulting in required changes to privacy practices, corrective actions or technical assistance.
By Mike Semel – The Office for Civil Rights announced that the new permanent audit program has started. On July 11 letters were sent BY E-MAIL (check your junk mail folders!) to 167 health plans, health care providers, and health care clearing houses (all HIPAA Covered Entities) notifying them that they have to send in documentation for a ‘desk audit.’ They will have 10 days to send in the required materials for review.
By Matt Fisher – A patient contacts their physician’s office and asks for a copy of their medical record. The expected response would seem to be obvious. Sure, we will copy the record and send it to your shortly. Not only will the record be sent, but it will be sent in an easily accessible format and exactly as requested.
By Matt Fisher – The HIPAA Privacy Rule is an aspect of HIPAA that does not necessarily receive much attention. Most of the recent settlements and breach actions related to violations of the HIPAA Security Rule. The Security Rule offers more glamour from the press perspective because cybersecurity, hacking and other activities attract headlines.
By Gene Fry – The HIPAA conduit exception rule is only applicable to providers of purely conduit services who do not have access to protected health information (PHI) other than infrequently or randomly. For this reason, conduit providers do not have to sign a Business Associate Agreement (BAA). But what exactly is a conduit service, and when does the HIPAA conduit exception rule apply?
By Kirk J Nahra – By now, most people have felt the effects of the HIPAA Privacy Rule (from the Health Insurance Portability and Accountability Act). HIPAA has set the primary standard for the privacy of healthcare information in the United States since the rule went into effect in 2003.
By Art Gross – The Department of Health and Human Services Office of Inspector General has issued a report that is critical of the Office for Civil Rights. OIG concluded that OCR is not fulfilling its responsibility to enforce HIPAA regulations that safeguard protected health information (PHI) and to ensure that organizations protect patient’s privacy.