HIM staff members have a lot on their plates right now, but one more looming deadline needs to be on their radar—the Federal Trade Commission (FTC) will begin to enforce its Red Flags Rule June 1. Hospitals must have an identity theft prevention program in place by that date.
Security breach notification requirements, according to Briefings on HIPAA's HIPAA and HITECH February survey of healthcare providers. Most of the nearly 600 respondents were HIPAA compliance officers and HIM directors.
Breach notification was the top challenge for 39% of respondents, followed by amending and creating business associate (BA) contracts at 18%. The response took Chris Simons, RHIA, by surprise. Simons serves as director of utilization management and HIM and privacy officer at Spring Harbor Hospital in Westbrook, ME.
Many healthcare organizations have pondered these questions. Now OCR has turned its attention to this topic, and healthcare organizations need to prepare for compliance.
Account numbers reported to the state are considered patient-identifiable information. Therefore, you must include them in an accounting of disclosures in response to patient requests.
Jaspinder Grewal is a self-described "techie" who knows that developing cost-effective techniques to ensure HIPAA compliance is important for healthcare organizations.
Grewal, who is project lead for application services at Mount Sinai Hospital and Medical Center in Chicago, shared his ideas during the 18th National HIPAA Summit, held February 2–5 in Washington, DC.
