Blockchain technology solutions have recently become a hot topic in the healthcare industry. Before considering blockchain as a future security solution, it is important to understand what it is, how it could work for medical facilities, and what the risks and benefits are.
A Senate bill aims to create regulations that would fill in gaps left by HIPAA to protect consumers’ private health data collected by health tracking devices, apps, and DNA testing kits.
Medical Informatics Engineering, Inc., an Indiana-based medical records service has agreed to a $100,000 settlement with OCR and a $900,000 multi-state settlement with 16 state attorney general offices for a HIPAA breach that compromised the protected health information of approximately 3.5 million people.
Q: I have heard that HIPAA says covered entities must keep data backups a minimum of five miles away from the original site where the data was collected. Is this correct? Are there any restrictions or guidance about the location of data backups?
Q: I work for a behavioral health recovery center, and many of our programs fall under 42 CFR Part 2, as we provide substance use services. Sometimes a referring agency follows up to ask if a client has scheduled an appointment. Can we confirm that a patient has made an appointment? Do referral appointments like this fall under PHI?
In June 2018, the state of California passed the California Consumer Privacy Act of 2018 (CaCPA), which has implications for healthcare professionals doing business in California, but with other states proposing similar bills, it’s worth taking a look to see what these privacy laws mean for HIPAA compliance and privacy more broadly.
It can be impractical for medical researchers to seek authorization from all the patients whose medical records are sought for a study. That’s why HIPAA allows researchers to use de-identified PHI from records without individual authorization.
In this month's security Q&A, our expert answers questions on smart devices used in residential care, security incidents vs. security breaches, clinical staff using personal cell phones, and more.
