Q: We’re looking into have our coding outsourced to a company based in India. I’m assuming that HIPAA does not apply to a foreign company. What are the potential HIPAA risks for us? If we discover that the outsourced company experienced a breach, would we still be liable? What do we need to be aware of in terms of HIPAA compliance?
With massive data breaches rocking industries and the public, and policymakers scrutinizing how organizations respond, it’s time to dust off policies and ensure organizations have meaningful, compliant reporting and response plans.
Q: If a news crew is reporting on an event or a notable individual who is a patient and they have a film crew stationed outside the hospital, are we responsible under HIPAA for stopping them? If ambulances and patients are visible in the background, is that a HIPAA violation? Can we go off of our property to ask them to move or remove their cameras?
HIPAA compliance and enforcement saw its share of highs and lows in 2017. As the year comes to a close, it’s a good time to look back on what your organization has learned—in terms of personal growth and lessons gleaned from other organizations.
Q: Is it a HIPAA concern if a patient and/or visitor takes photos or videos in which other patients, intentionally or not, appear? Are we required to forbid or prevent patients and visitors from taking photos or filming? If so, where is this requirement specified?
