Most soon-to-be HIM professionals fresh out of college want nothing more than to know what's going on inside the HIM director or manager's head. After all, it would help to know what a potential interviewer is thinking when you pop into that chair for your first interview for a potential HIM job, wouldn't it?
Eleven years ago, when hospitals and other healthcare facilities were on the cusp of the new HIPAA Privacy Rule, Kathleen A. Frawley, JD, MS, RHIA, FAHIMA, spoke words that were prophetic.
Q. Is it a HIPAA violation if a hospital receives a faxed Healthcare Effectiveness Data and Information Set (HEDIS) request and the hospital cannot identify the patient by full name, last name, or date of birth? These requests contain name, date of birth, provider, and the HEDIS Measure (Chlamydia screening, cervical cancer screening, cholesterol management, etc.) and last date of service of the patient. Typically, these faxed requests are from business associates of the patient's health insurance, but occasionally they come directly from the insurance company.
If there's one conclusion you can reach looking back at data breaches over the last decade, it's that organizations face more threats than ever, according to HIPAA professionals.
