Q: Is it permissible to write down a patient's pending exams (e.g., MRI, ultrasound) on the patient boards located by the patient's bed in his or her room even if that patient has a roommate?
1. The audit is intended as an educational tool, but if auditors discover serious noncompliance issues, they may request OCR conduct an investigation to determine if enforcement action is necessary.
If your organization experiences a data breach—an increasingly likely scenario—and PHI is exposed, chances are you will be hit with a lawsuit in short order.
There are compelling reasons with which to make a case to company executives of the benefits of a good data security program. It starts with return on investment calculations.
There are times when state privacy and security laws trump HIPAA, and healthcare organizations and their business associates (BA) should have a clear understanding of their compliance obligations in the midst of what can be a complex web of regulations.
Criminal attacks on the healthcare industry have increased 125% since 2010, and are now the leading cause of data breaches at healthcare organizations, according to the results of a study released by the Ponemon Institute in May 2015. At the same time, the study says many hospitals and business associates (BA) are unprepared and cannot ensure patients' privacy against these attacks.
