As telehealth expands and technology improves, there are an increasing number of options for communication between healthcare providers and patients as well as between providers, but such services raise concerns for HIPAA compliance due to the method of transmission and issues of security compliance.
Rush System for Health in Chicago revealed in a recent quarterly report that the personal information of approximately 45,000 patients was compromised in a data breach.
Q: A pain specialist practice called to set up an apointment for my wife while she was out. She has various medical problems, and I am often in contact with her doctors. I asked if I could set up the appointment, and they said it would be a HIPAA violation to speak to anyone other than the patient about their schedule. Is that correct?
University of Washington Medicine in Washington state is notifying 974,000 patients about a data breach which left their health information exposed online for weeks. This follows a recent breach announced by the University of Connecticut Health which affected 326,629 individuals in December.
Q: At the doctor's office where I work, patients are often friends or family members of staff. I heard in passing that my co-worker's boyfriend was coming in for an appointment later that day, when I mentioned it to the co-worker, she said she would be filing a complaint for a HIPAA violation. Is this really a HIPAA violation?
In this month's HIPAA Q&A, our expert answers questions on medical record requests, health insurance exchanges, fines when there has been no breach of PHI, and mandatory encryption.
The American Hospital Association (AHA) released a letter on February 12 in response to HHS’ request for information on modifying HIPAA rules to improve coordinated care, calling for more training and education as opposed to regulatory changes.
Q: Is it a reportable breach if an entity had the ability to send encrypted email, but an unencrypted email was sent to the correct recipient because of a computer fluke or user error?
Not only does your organization need appropriate policies and procedures in place to comply with HIPAA, you also need to make sure that staff members follow those policies and procedures. It’s not an easy task, and each organization has its own way of auditing compliance.
