In recent months, OCR has expressed concern that providers and other covered entities may be reluctant to inform and involve the loved ones of individuals facing health crises like opioid use disorder for fear of violating HIPAA. Here, we look at some common misconceptions about privacy under HIPAA and point to the information that patients and families need to know.
Earlier this week, HHS’ Office of Civil Rights sent out a reminder that public comments to their request for information on improving care coordination and reducing the regulatory burdens of HIPAA are due by February 12, 2019.
In this month's HIPAA Q&A, we answer your questions about making changes to patient records, the difference between consent and authorization, vaccination data, and more!
A recent survey of 600 data center experts across North America, Europe, and Asia-Pacific has found that inefficient data removal and data sanitation processes are costing some organizations hundreds of thousands of dollars annually.
Q: My doctor emailed me while he was on vacation, and the email had the automatic “sent from my iPhone” message at the end. Is it a HIPAA violation for doctors to use their personal cell phone to communicate with patients?
In this month's Product Watch, we look at a phishing and social engineering threat simulator that includes security awareness training intended to mitigate the threat of phishing and the risk of a data breach.
Twelve state attorneys general filed a federal lawsuit last month against Medical Informatics Engineering Inc., in Fort Wayne, Indiana, for failing to secure its computer systems, which resulted in a HIPAA data breach that compromised the data of more than 3.9 million people.
Q: In a previous question, you said you can destroy paper records like charts as soon as they are scanned into the EMR if your state considers electronic storage media legally acceptable for medical records. My organization is currently rewriting our policy on shredding charts; is there any reference to this in HIPAA that we can use to back this up?
The healthcare sector is a frequent target of cyberattacks due to the value of PHI, which is the target of financial identity theft and medical identity theft. To safeguard PHI, you need to know the differences among phishing, ransomware, and DoS attacks.
