Q . Is it permissible to take pictures of patients (including behavioral health) for identification purposes as a part of the registration process? Do the patients need to sign a consent form before their picture can be taken?
Medical identity theft is on the rise and healthcare organizations need to ensure they are authenticating a patient's identity before providing medical services and products.
Every healthcare organization should develop and implement a policy and a well-defined process that provides guidance for managing incident and breach response.
It's a brave new world out there for business associates (BA). BAs needed to comply with the HIPAA Security Rule and the use and disclosure provisions of the Privacy Rule in February 2010 as a result of the HITECH Act. However, the Office for Civil Rights (OCR) held off on any enforcement activities-that is, until recently.
