Briefings on HIPAA

Q: My brother claims he read in his dentist's HIPAA statement that information was disclosed to CIA and other government agencies. I suspect that his dentist was editorializing, but wanted to check. Could you explain what should be included in a HIPAA statement that should be in physician/dentist offices? Can you direct me to the official statement?

Q: Our organization does not support the use of USB drives. Is that typical?

Rick Ensenbach, CISSP-ISSMP, CISA, CISM, CCSFP, has one word for the HIPAA breach posted to OCR's wall of shame at the close of 2013: depressing.

We ask one BOH advisory board member and columnist to answer some questions about how the roles of CEs and BAs have changed over the years.

Sending out a mass mailing of a pamphlet that contained Medicare beneficiary numbers resulted in a civil monetary penalty of $6,768,000 for Triple-S Salud, Inc. (TSS), a Puerto Rican health insurance subsidiary.

Tips from this month's issue

The healthcare industry is taking lessons from the credit card and financial industry when it comes to preventing fraud.

What is the privacy and security governance structure like at your organization?I