MRB asked HIM and release of information (ROI) professionals about their ROI practices for its first quarterly benchmarking survey of 2015. (The survey was completed in October 2014.) Half of survey respondents are HIM directors or managers (52%). Other respondents identified themselves as non-managerial HIM staff members (18%) or ROI directors or managers (4%). The majority of respondents (65%) work in hospitals.
While organizations should focus on performing regular risk assessments and analyses, there are also other ways in which they must review their systems for compliance. Often, these other evaluations are overlooked despite their value, says Kevin Beaver, CISSP, an information security consultant in Atlanta. In particular, organizations should be careful not to forget about performing vulnerability assessments and penetration tests, which are components of an overall risk assessment or analysis, says Beaver, who is a BOH editorial advisory board member.
Q: If someone calls a facility to schedule an appointment for a patient, is it a violation of HIPAA to admit the patient receives care at the practice? For example, the practice where I work often helps victims of domestic abuse. We received a call from a patient's estranged spouse who asked to schedule an appointment for the patient when, in reality, he was trying to determine the whereabouts of his spouse so he could harm her. I realize this is a safety issue but wonder whether it is also a HIPAA issue.
Mobile devices have changed the way people share and access information in their personal and professional lives. Smartphones and tablets may make it easier and faster for people to communicate, store, and access information, but they present risks if lost, stolen, or hacked. This can be especially challenging in the healthcare industry as it has become common for providers to use various mobile tools, including smartphones, laptops, notebooks, tablets, phablets, personal digital assistants, USB devices, digital cameras, and radiofrequency identification devices, to communicate with colleagues and access applications.
