HIPAA

Q A patient signed an authorization form eight months ago, and her attorney is now submitting it to obtain a copy of her medical records. Is this authorization still valid, or do we need to get the patient to sign a new authorization?

Breaches are expensive and can be directly related to sending PHI unencrypted over the Internet. There are a number of vendors who offer secure messaging tools but not all are equal. Protected Trust is more than just a secure messaging solution. Protected Trust's application also includes tools to assist with broader security control implementation and compliance with HIPAA and HITECH.

They call William R. Braithwaite, MD, PhD, "Doctor HIPAA" for a reason.

Test staff members' knowledge of HIPAA with these questions from readers.

Q A fax containing PHI is sent to an incorrect fax number. Did the covered entity (CE) or business ­associate (BA) violate HIPAA? Must the patient disclosure ­accounting record include this incident?

The security of PHI is no longer the exclusive domain of covered entities (CE).

Undocumented policies and procedures are among the top five stumbling blocks to HIPAA compliance that Chris Apgar, CISSP, finds when he audits healthcare organizations.

Could a data breach be life-threatening?

Test staff knowledge of HIPAA with these questions.

The time for healthcare organizations to undertake a review of their operations is now-OCR anticipates that its long-awaited HIPAA compliance audit program will be under way this fall.