Briefings on HIPAA

Our expert answers HIPAA questions about out-of-state patients, smartphones, and HIPAA training.

HIPAA training is required by the HIPAA rules, under § 164.530, Administrative requirements. But just because it’s required doesn’t mean it has to be repetitive, boring, or unappealing. There are ways to make your healthcare staff excited about HIPAA training. At the very least, you can do your part to make sure they’re engaged.

OCR in 2013, through the Health Information Technology for Economic and Clinical Health (HITECH) Ac,t issued a final rule identifying provisions of the HIPAA rules that apply directly to business associates (BA) and those provisions for which BAs are directly liable.

HIPAA security officers arguably have more on their plates now than ever before as the cloud and mobile era are fully upon us and potential cybercriminal access to PHI increases,

Our expert answers HIPAA questions about disclosures of entire medical records, accidental records access, and more.

Consider hiring a CPA firm to conduct Service and Organization Controls audits and penetration testing to assess your security.

A recent HIPAA breach that involved transmission of PHI to only one party—a reporter—nonetheless cost a Connecticut practice $125,000, in part because the practice didn’t take simple precautions.

Large-scale data breaches in the healthcare industry show no sign of decreasing. In this mid-year recap, we discuss the largest breach of 2019.