Briefings on HIPAA

Q.As part of its fundraising effort, Hybrid ­Entity's cancer center wants to send a ­patient list ­(demographic information only) to Hybrid's ­development office, which is not ­designated as a healthcare component of Hybrid. Is this permissible? 

An important part of a compliance officer's job is ­responding to noncompliance complaints.

Mobile devices-thumb drives, smartphones, external hard drives, tablets, and laptop computers-are creating risks for PHI exposure.

It may not be the proverbial keys to the ­kingdom, but OCR's recently published audit protocol for its ­current privacy and security audits gives healthcare ­organizations an inside look at the inspection process.

Education is giving people the knowledge they need. Training helps them develop the skills that allow them to put that knowledge to use.

You have questions; we have answers.

Too many healthcare organizations are receiving ­failing grades for HIPAA compliance, an analysis of OCR's first 20 initial audits reveals.

The initial 20 OCR HIPAA audits offer insight with respect to privacy and security compliance.

If you don't know where all of your PHI is, how can you ensure that you protect it?