Business associates (BA) may not be the target of upcoming HIPAA compliance audits, but failure to comply with the regulations could be very costly, says Tom Dumez, CHP.
A long-awaited notice of proposed rulemaking (NPRM) required by HITECH for accounting of disclosures includes some anticipated changes and some surprises.
Just three weeks before a devastating tornado roared through Joplin, MO, St. John's Regional Medical Center transitioned to an electronic health record (EHR) system that it credits with aiding its disaster recovery.
HITECH was the trigger for a global HIPAA policy review at North Shore-Long Island Jewish Health System (North Shore-LIJ) in Great Neck, NY. This was no easy task; North Shore-LIJ includes a medical school, a research institute, 15 hospitals, more than 200 ambulatory care centers, over 5,600 beds, and a total workforce of more than 42,000 employees.
Q Is it permissible to allow hospital employees who have been granted access to PHI through the workforce clearance procedure to access their own PHI through the electronic medical record (EMR) without first signing a release or authorization?