HIPAA

Tips from this month's issue.

Q: It is my understanding that we can make PHI disclosures using our EHR for payment/treatment/healthcare operations without a consent and that we do not need to track these requests for an accounting of disclosures. Has this changed?

Tips from this month's issue.

This month's HIPAA Q&A answers readers' questions about record retention, information sharing, and patient photographs.

Poor customer support can put an organization in jeopardy when hardware fails.

Too often, organizations fall for common HIPAA myths and erroneously incorporate them into otherwise sound, good-faith compliance efforts. That can lead to wasted time and resources, duplicative work, or even outright noncompliance.

Email is a routine and essential part of communication in healthcare—even when communicating PHI. But setting and enforcing HIPAA-compliant email policies continues to be tricky for many organizations.

This month's Q&A answers readers' questions on requests for information, business associate agreements, and the Notice of Privacy Practices.

Tips from this month’s issue.