Q: I work at a marketing company, and we are trying to figure out what exactly we can put on a postcard. What is required, per HIPAA regulations, to be fully compliant if we were to do things like dental patient reminders? We would have patient information from the offices. How would we need to handle that information? What are we allowed to include in our designs?
HIPAA lays out specific requirements for breach response and reporting. Although most organizations might understand these requirements in theory, compliance is often tricky in practice.
Fresenius Medical Care North American (FMCNA), a multistate clinic and provider network specializing in chronic kidney failure treatment, agreed to a $3.5 million HIPAA violation settlement.
Q: If a patient accidentally puts the paperwork in the trash or on the table, and the information on the paperwork is visible to other patients or family members, is it a HIPAA violation?
As cyberattacks become more sophisticated and frequent, the old monitor logs or reliance on security information and event management tools just don’t cut it anymore; neither do old signature-based antimalware tools. Today, there are very sophisticated tools on the market that do a much better job of protecting the data and IT assets of covered entities and business associates.
