Q. A long-term care facility has deployed laptops that connect to a file server and are password protected. The laptops are not used to store PHI or other confidential data and are not removed from the facility. Do the laptop hard drives need to be encrypted?
The HIPAA Privacy Rule de-identification standard-Section 164.514(a)-includes two methods by which health information can be designated as de-identified: expert determination and safe harbor.
Citrix ShareFile offers a secure file-sharing solution that can be used to securely collaborate on documents, forward medical images to other healthcare providers, share treatment information with patients, and provide other ways to connect workforce members, healthcare entities, and individuals.
If there's one conclusion that OCR is ready to draw from the 115 HIPAA compliance audits conducted last year, it's that there is plenty of room for improvement.
HIM directors must revisit and potentially refine processes for patient record restriction requests and requests for electronic copies of medical records because of the HHS HIPAA omnibus final rule.
