Theft or loss of paper records, desktop computers put organizations at risk

August 1, 2010
Briefings on HIPAA

Incidents involving paper records and desktop computers are second and third most common on the growing list of privacy breaches reported on the OCR website. (The No. 1 reason for privacy breaches re-mains the loss or theft of laptop computers and other portable devices. Briefings on HIPAA looked at ways to prevent those types of privacy breaches in the June issue.)

HITECH creates new privacy challenges for healthcare organizations; individuals gain stronger rights

August 1, 2010
Briefings on HIPAA

The HITECH Act includes new privacy requirements that allow for stronger individual rights to access electronic health records (EHR) and restrict the disclosure of certain PHI.

HIPAA proposed rule extends compliance to BA subcontractors; BAs liable for subcontractor breaches

August 1, 2010
Briefings on HIPAA

On July 8, HHS released a proposed rule to modify the HIPAA privacy, security, and enforcement rules, extending HIPAA compliance requirements to subcontractors of business associates (BA) and strengthening patient rights to health information privacy.

Use this checklist to help evaluate your organization

August 1, 2010
Briefings on HIPAA

The HIPAA Security Rule requires covered entities (CE) to conduct periodic evaluations of their information security programs.

However, Phyllis A. Patrick, MBA, FACHE, CHC, wonders how many organizations have completed the kind of evaluation the Security Rule standard requires.