Q. Is it a HIPAA violation if a hospital receives a faxed Healthcare Effectiveness Data and Information Set (HEDIS) request and the hospital cannot identify the patient by full name, last name, or date of birth? These requests contain name, date of birth, provider, and the HEDIS Measure (Chlamydia screening, cervical cancer screening, cholesterol management, etc.) and last date of service of the patient. Typically, these faxed requests are from business associates of the patient's health insurance, but occasionally they come directly from the insurance company.
Reliable data backup is critical. If a backup is not in place and your system crashes, you not only have a HIPAA compliance problem, but you may not be able to support your critical operations. IDrive® is a secure backup service that provides "ready when you need it" backup restoration and meets the National Institute of Standards and Technology safe harbor encryption standard.