Q: Does the HIPAA Privacy Rule strictly prohibit the disclosure or request of an entire medical record? If not, does there need to be a case-by-case justification every time an entire record is disclosed?
The Office for Civil Rights (OCR) reached a settlement with Bayfront Health St. Petersburg, a Florida hospital, for allegedly violating the HIPAA Privacy Rule’s right of access provision when it failed to give a mother timely access to her unborn child’s records, according to an OCR press release.
Q: I work for a small rural hospital, and we have a lot of budget limitations for technology upgrades. Can we allow clinical staff to use their personal cell phones and mobile devices to communicate with patients? If so, how can we keep our calls, email, and text messages HIPAA compliant?
HHS wants to update confidentiality rules that govern the medical records of substance use disorder patients, according to a proposed rule released August 22.
Q: We do in-depth HIPAA assessments for our clients, but some clients want a simple assessment that they can keep up with them to maintain compliance. Do you have any recommendations for streamlining security assessments?
Q: I work in a residential care facility, and we have smart speakers in some resident rooms. Patient information is discussed where these smart devices can “hear” it. Although most manufacturers claim speakers are not “listening in,” we all hear about how speakers sometimes do what manufacturers say they do not. Could these speakers lead to a HIPAA violation?
A Kentucky community health center paid hackers $70,000 in bitcoin to regain access to its computer systems after suffering its second ransomware attack in three months.
