HIM/HIPAA

The Washington legislature unanimously passed a bill in April that will shorten the state’s data breach notification time to 30 days, which is half the time required by HIPAA.

Q: Does HIPAA require encryption when sharing data over the internet? Should data be encrypted when it is being emailed to someone at the same facility?

The Office of Inspector General is stepping up audits of inpatient rehabilitation facility (IRF) claims. Use these expert tips to ensure your facility is coding and billing correctly for these services.

In this month's security Q&A, our expert answers questions on the location of data backups, telehealth services using video conferencing, cloud service providers outside the U.S., and more!

On April 18, the Office of Civil Rights (OCR) added five new answers to their FAQ section on the relationship between HIPAA and health apps that use patient information.

Q: Can a covered entity be fined for HIPAA violations even if there has not been a breach of PHI?

The medical record is a key communication tool for providers and plays a major role in surveys. Use these tips to ensure your facility is on top of The Joint Commission’s requirements.

There are fewer hoops to jump through when another provider requests a practice’s patient records than when an attorney requests them, but the requesting providers don’t have an automatic right to those records, and you can’t just hand them over.

Q: If a patient requests copies of his or her medical record, which is allowed by the Privacy Rule, is the patient required to pay for the copies?

AHIMA and ACDIS recently updated their collaborative practice brief “Guidelines for Achieving a Compliant Query Practice.” Learn what’s new and what you need to do.