In recent months, OCR has expressed concern that providers and other covered entities may be reluctant to inform and involve the loved ones of individuals facing health crises like opioid use disorder for fear of violating HIPAA. Here, we look at some common misconceptions about privacy under HIPAA and point to the information that patients and families need to know.
Keeping your privacy, security, and breach notification policies and procedures up to date is part of HIPAA compliance, and this requires regular audits and monitoring.
Not only does your organization need appropriate policies and procedures in place to comply with HIPAA, you also need to make sure that staff members follow those policies and procedures. It’s not an easy task, and each organization has its own way of auditing compliance.
In this month's HIPAA Q&A, our expert answers questions on medical record requests, health insurance exchanges, fines when there has been no breach of PHI, and mandatory encryption.