Consumer-facing health apps and personal health records are booming, and some covered entities such as health plans or clinics leverage these services to help patients. But it can sometimes be difficult to determine whether these vendors fall under HIPAA or not.
This month's security Q&A answers readers' questions about accounting of disclosures, providing information to marketing departments, unencrypted emails, and terminating BAAs.
This due digilence checklist will help track and evaluate document requests, warn of privacy and security issues, and provide a basis for determining action plans and resources required to integrate privacy and security programs.
Effective privacy and information security programs start with attention to governance. These eight guidelines will help establish and measure privacy and information security structure and processes.
Despite the last-minute changes, MOON implementation went smoothly for many hospitals. But the full impact won't be visible until hospitals can determine how, and to what extent, the MOON will play into audits.
