HIPAA

Organizations need to determine whether they have fully implemented the Security Rule. The HIPAA Security Rule has been around for a while, but many organizations have not implemented all of its ­requirements.

It's akin to waiting for the proverbial "other shoe" to drop.

HITECH changed the obligations of business associates (BA), and it did so dramatically.

A group of prognosticators asked to predict what lies ahead in 2011 says the healthcare industry faces new and continuing challenges as it works to protect the ­security and privacy of patients' PHI.

With newfound authority, some state attorneys general (AG) are beginning to take aim at covered ­entities (CE) that run afoul of HIPAA's Privacy and Security Rules.

Q. I work in patient financial services at a hospital. Like me, several of my coworkers have aging parents. Sometimes at lunch, we discuss the medical problems of our parents, who are not patients at our hospital. My supervisor says these discussions of family members' medical problems violate HIPAA. Is this true?

Use this tool to test staff members’ HIPAA knowledge.

Lack of trained staff is a major cause of data breaches, according to healthcare organizations.

The challenge of complying with HIPAA privacy and security requirements is significant for physicians,  particularly those in small practices, says Robert Rowley, MD, whose Hayward, CA, office has functioned without paper records since 2002.

Q. May a preadmission nurse leave messages (e.g., “This is a reminder that your surgery is tomorrow; please don’t drink or eat anything after midnight.”) on an answering machine or mobile phone voice mail?