Q: Can an independent radiology facility mail postcards with a reminder that it's time for patients to schedule? The postcard would include the patient's name and address, obviously, but then either a check mark by screening mammogram or the words “follow-up exam.”
Q: We recently took a survey and many of our employees admitted to saving their passwords in a Word® document or a Notes® file on their phone. Is this riskier than having passwords written down on paper and stored in a safe place at work or home? How can we discourage employees from writing down their passwords anywhere?
The healthcare industry in the United States has experienced a significant increase in ransomware attacks, and the trend has continued upward during the novel coronavirus (COVID-19) pandemic.
Q: In many school districts, children are required to complete immunizations before beginning school. Does a healthcare provider need to obtain consent from a parent to disclose proof of the student's immunization to the school district?
From a compliance and security standpoint, few tasks are more important for healthcare organizations than the creation and regular maintenance of an information technology (IT) asset inventory.
Q: If an individual requests an electronic copy of protected health information (PHI) and the covered entity (CE) maintains that particular record only on paper, what is the standard procedure? Can a paper copy suffice? Does the covered entity need to find a way to deliver the record electronically?
