Historically, the healthcare revenue cycle has been dominated by fee-for-service (FFS) payment arrangements that reimburse providers for the volume of care they provide. These reimbursement models have always been tempered by medical necessity determinations to ensure that the care delivered to patients is in fact medically necessary. Over the past several decades, healthcare costs have been rising precipitously. In response, new payment models have been developed to curb that trend and to deliver more cost-effective care with higher quality and better outcomes.
Q: Is there a sample risk analysis about how an enterprise or clinic might evaluate and determine if data-at-rest protection through encryption is reasonable and appropriate as defined in the HIPAA Security Rule?
There's considerable confusion about what HIPAA means and what your obligations are under the regulations. I recently presented at a Midwest physician association conference. As is almost always the case, in the front row was an attendee just waiting for the Q&A session.
Release of information (ROI) is typically a function that is managed by the HIM department, but privacy and security officers often play a critical role in ensuring records remain secure during transmission.
