Those in charge of overseeing HIPAA compliance at their healthcare organizations need to have a firm understanding of privacy laws outside of the healthcare arena.
The Office for Civil Rights (OCR) issued guidance on audio-only telehealth in June. This guidance provides helpful tips on how covered entities (CE) can use remote communication technologies to provide audio-only telehealth services in a manner consistent with HIPAA requirements.
Now that the fourth quarter has arrived, things are winding down for 2022. This is a good time to reflect on the past year of HIPAA compliance and prepare for 2023. Here is a roundup of HIPAA topics and some actionable tips for compliance.
In early June, Congress released a bipartisan draft bill called the American Data Privacy and Protection Act. The goal of this bill is to create a regulation that organizations in any industry would need to accord with compliance. On the surface, this sounds great, but in reality, it is unrealistic.
Starting on October 6, the definition of electronic health information (EHI) will include “the entire scope of the EHI definition [i.e., ePHI that is or would be in a Designated Record Set (DRS)].”
The 21st Century Cures Act fundamentally changes how patients can interact with their health information — and October 6 is a significant milestone for these changes.
In August, the Office for Civil Rights (OCR) announced a settlement with New England Dermatology P.C., known as New England Dermatology and Laser Center, over the improper disposal of PHI, which is a potential HIPAA Privacy Rule violation.
