This month's HIPAA Q&A answers readers' questions about doctor's notes for employers, checking a neighbor's medical records, retaining records of out-of-state patients, and training temporary nursing staff.
A former Arkansas Children’s Hospital employee is under investigation for misusing patients’ personal health information for personal gain, according to an announcement from the hospital.
The HIPAA Security Rule requires information systems activity review, but a number of covered entities and business associates have yet to implement a robust security program that includes monitoring audit logs. Per the preamble to the Omnibus Rule, if audit logs are generated and you’re not looking at them periodically, that could be considered willful neglect.
OCR’s June cybersecurity report focuses on software bugs and patches designed to fix them. Software bugs can make your computer systems vulnerable and put electronic personal health information (ePHI) at risk.
