Secure text messaging presents challenges when it comes to ease of use and communicating with anyone who hasn't installed a like secure texting app. Until recently, secure texting was possible, but only if the sender and recipient both used the same mobile app. TigerText unveiled Fast Deploy® in 2014, and it's a game changer.
The healthcare industry is continuously evolving, and health information technology (HIT) is changing with it. Organizations should take advantage of the technology available to improve healthcare operations but must be aware of the risks that HIT can present.
Q: I work in long-term care and I am familiar with the language in HIPAA regulations regarding requests for electronic copies of medical records for a reasonable fee according to community standards. However, my company does not maintain its medical records in electronic form, nor do we presently have the capability of converting our paper records into electronic format. Our state legislature addressed the issue of "reasonable charges and community standards" by state statute in 2006 by providing a formula for every medical provider to follow state-wide for copy charges regarding paper copies.
Q: As part of the audit controls policy at my organization, we hired an external security vendor to collect and review logs from several critical servers. The vendor creates tickets for our IT staff when a potential incident is discovered during the daily log review. This supplements our own activity reviews of internally generated reports, and the vendor then uses them for its own review. Our internal staff never sees the reports the vendor uses for its review. Do the reports the vendor uses fall under the HIPAA requirement for retaining logs for six years? Should we compel the vendor to retain these reports?
