A former Arkansas Children’s Hospital employee is under investigation for misusing patients’ personal health information for personal gain, according to an announcement from the hospital.
The HIPAA Security Rule requires information systems activity review, but a number of covered entities and business associates have yet to implement a robust security program that includes monitoring audit logs. Per the preamble to the Omnibus Rule, if audit logs are generated and you’re not looking at them periodically, that could be considered willful neglect.
OCR’s June cybersecurity report focuses on software bugs and patches designed to fix them. Software bugs can make your computer systems vulnerable and put electronic personal health information (ePHI) at risk.
Q: A patch was installed within the EHR at my facility last week. While using the system this week, my coworker and I received an error message. Should we alert staff of this performance issue?
Protecting your patients’ PHI does not mean just having a breach prevention plan in place and a strong risk analysis program. It’s also about preparing a breach contingency plan, because in today’s world it’s almost inevitable that you’ll experience a breach.
On June 28, a woman from Butler, Pennsylvania, was indicted by a federal grand jury, accused of wrongfully obtaining and disclosing protected health information (PHI) in violation of HIPAA.
Q: I work in a skilled nursing facility and would like to post the level of assistance needed and precautions on a dry erase board in patients’ rooms for nursing assistant use. Is this allowed?
A legislative effort is underway to align some of the provisions of 42 CFR Part 2—the privacy regulation that governs the use and disclosure of substance use disorder information maintained by programs known as “Part 2” programs—with HIPAA.
The U.S. House passed the Overdose Prevention and Patient Safety Act (HR 6082) on June 20 to amend the Public Health Service Act and protect the confidentiality of substance use disorder (SUD) patient records.
