If there's one conclusion you can reach looking back at data breaches over the last decade, it's that organizations face more threats than ever, according to HIPAA professionals.
As an HIM director, you are responsible for the integrity of your patients' records-even when your hospital shuts down certain wings of the facility or closes its doors entirely.
Editor's note: The following is adapted from the HCPro book The HIPAA Omnibus Rule: A Compliance Guide for Covered Entities and Business Associates, by Kate Borten, CISSP, CISM, president of The Marblehead Group in Marblehead, Mass. To learn more about the book, go to www.hcmarketplace.com.
There is some common ground in the corrective action plans (CAP) that OCR has imposed on healthcare organizations it has investigated for HIPAA privacy and security deficiencies.
Q. We are a claims repricer and maintain a secure claims department. When outside vendors, such as building maintenance people, enter the secure area, are they required to sign a logbook indicating what time and date they entered and exited the claims department?
