The time for healthcare organizations to undertake a review of their operations is now-OCR anticipates that its long-awaited HIPAA compliance audit program will be under way this fall.
Business associates (BA) may not be the target of upcoming HIPAA compliance audits, but failure to comply with the regulations could be very costly, says Tom Dumez, CHP.
The May tornado that destroyed a medical center in Joplin, MO, raised an important question: How can healthcare providers protect patients' PHI when disaster strikes?
Q Our authorization form for release of information requires patients to sign separate lines to authorize release of sensitive information, such as sexually transmitted diseases, substance abuse, and genetic information. We understand that very few other covered entities do this. Is this a legal requirement? And if so, may we change our form to state that all information will be released unless the patient indicates otherwise?
Organizations have had their chance to weigh in on the proposed accounting of disclosures rule, and some larger ones don't exactly see it working as written. Here is what some organizations had to say.
September has always been synonymous with students returning to the classroom. While that may not be reason enough to review the HIPAA Privacy Rule, a more compelling reason to dust off the HIPAA education materials might be the government's increase in enforcement efforts.
A long-awaited notice of proposed rulemaking (NPRM) required by HITECH for accounting of disclosures includes some anticipated changes and some surprises.
Social networking and its related communication vehicles pose significant privacy and security challenges for healthcare organizations, says Chris Apgar, CISSP.
