Despite gains in compliance and security potentially linked to industry emphasis on the HIPAA Omnibus Rule, some dangerous gaps remain regarding corporate email and file transfer habits.
Watch out, HIPAA privacy and security officers. The criminals are coming, and they want to make money off of PHI your organization stores. It's one more thing to add to the growing list of compliance concerns covered entities (CE) and business associates (BA) have to worry about when protecting internal PHI.
You hear it over and over again. Covered Entity (CE) A failed to produce an ongoing risk assessment for HIPAA security compliance. CE B had an incomplete risk analysis, leading to a failure to recognize security weaknesses and vulnerabilities. And in come the fines.
When outpatient hospitals and physicians switch to ICD-10-CM diagnosis codes October 1, they will still continue to use CPT® codes to report procedures. But some facilities are planning to use the new procedure code set, ICD-10-PCS, as well.
When OCR resumes its HIPAA audits sometime this year, healthcare organizations can expect members of the audit team to focus on key issues identified by the federal agency.
