Q: We’ve had staff members handling PHI remotely for the past month or so. We have not experienced any data breaches to my knowledge, but I’m a little worried as I read about the surge in hacks and ransomware targeting healthcare entities. What are the most important steps we can take as an organization to minimize the risk of being exploited?
Two months into the COVID-19 pandemic, people are gradually beginning to return to work. What steps need to be taken to make sure data and devices are secure?
Q: When dealing with a public health emergency, which disclosures are permitted to the media and which are not? Does HIPAA allow for any identifiable information to be disclosed to news organizations if the intention is to protect the public at large?
As soon as the novel coronavirus (COVID-19) entered the United States, reports began to surface detailing an increased rate of cyberattacks against healthcare entities. That trend is unlikely to change anytime soon.
Q: Like other hospitals, we have had many patients transported via ambulance with COVID-19 symptoms. Once these patients are tested for the virus, are we permitted under HIPAA to disclose their test results to the first responders who treated them and brought them to the hospital?
