News & Analysis

HIPAA Q&A: Employee training, NPPs, verbal consent, accounting of disclosures, and reporting violations

January 1, 2014
HIM Briefings

Q . Are HIPAA policies and training required regardless of the number of employees at a facility? For example, must a three-provider clinic provide HIPAA training?

Tips for working with OCR investigators

January 1, 2014
Briefings on HIPAA

Ask HIPAA privacy and security officers what they dread most and an OCR investigation will be high on their list.

Security Q&A: Accounting of disclosures, notices of privacy practices, cloud vendors, smartphone apps

December 1, 2013
Briefings on HIPAA

I am updating the notice of privacy practices and accounting of disclosures policy for my organization. Do any of the new, finalized rules indicate that the accounting of disclosures covers disclosures for treatment, payment, and healthcare operations?

An inside look at one healthcare organization's OCR audit experience

December 1, 2013
Briefings on HIPAA

UK HealthCare's Chief Compliance Officer R. Brett Short knew he was in for a rough day as soon as he saw the email from his organization's privacy officer.

How encryption can help prevent breaches of PHI at your organization

December 1, 2013
Briefings on HIPAA

Encryption. Encryption. Encryption. It's almost impossible to listen to a HIPAA security expert talk about healthcare security and not hear that word.

'Tis the season for giving: Privacy and security officers share HIPAA tips and strategies

December 1, 2013
Briefings on HIPAA

It's the season of giving and in that spirit, BOH asked some privacy and security officers to share their best tips to help others.

Pages