News & Analysis

Review patient authorization before responding to attorneys; state law sometimes preempts HIPAA

July 1, 2010
Briefings on HIPAA

Q. Must patients receive a paper copy of our Notice of Privacy Practices during every encounter at our facility?

Prepare your organization to respond appropriately if a breach of unsecured PHI occurs

July 1, 2010
Briefings on HIPAA

A major privacy breach can carry a heavy price for a healthcare organization, and its response can indicate how big a price it ultimately pays.

Safeguard portable devices with education, policies

July 1, 2010
Briefings on HIPAA

Because of the high risk that laptop computers and other portable devices create for a potential privacy breach, healthcare organizations should consider creating an easy-to-understand training guide that describes staff members’ responsibilities.

HIPAA Q&A: Census disclosures may violate HIPAA; consider sign-in sheet alternatives in waiting area

June 1, 2010
Briefings on HIPAA

Q. We are an MRI facility, and our services are referral- based. Faxing MRI reports to referring providers after radiologist review is our standard procedure. Patients can schedule follow-up appointments with referring providers to obtain results of their MRI scans. Patients regularly request a copy of the report at the time of their MRI scans or within several days of the scan when they pick up a copy of MRI films. 

Does HIPAA require us to provide patients a copy of the report even when the provider has not interpreted the report and image?

Lesson learned: Protect PHI when staff member leaves

June 1, 2010
Briefings on HIPAA

The privacy breach at Griffin Hospital in Derby, CT, raises red flags for healthcare organizations (see related story on p. 6).

Beware: Laptop computers create a major risk

June 1, 2010
Briefings on HIPAA

If staff members in your healthcare organization use laptop computers, you’ve just identified a major risk factor for privacy breaches.

Pages