Advanced Search

Health Information Compliance Alert

Case Study:
Don't Cut Any Corners In Your Security Rule Compliance Practices
The road to a data breach is riddled with (fixable) security potholes. Taking a lax ap... Read more
Learn 7 Big Lessons From HIPAA Breaches
Tip: Don’t forget about physical safeguards for your paper records. Data breache... Read more
Risk Assessment:
Understand The 6 Major Risk Categories For Your Risk Assessment
And check out 10 other risk areas that you shouldn’t overlook. You may feel like... Read more
Tool:
Use This Cheat-Sheet To Mitigate Your Security Risks
Don’t forget about organizational requirements like business associate contracts. ... Read more
Enforcement News:
When HIPAA Trumps State Law Privacy Claims
Plus: Identity theft hackers could open you up to an investigation by the IRS and FBI. ... Read more
Reader Question:
Which Comes First: Compliance Or Strategic Risk?
Question: Should our internal audit focus on compliance or strategic risks? Answe... Read more
Reader Question:
Is Sending An Unencrypted Email An Automatic Breach?
Question: If we use unencrypted email to send a message with a patient’s prot... Read more
Reader Question:
How Can You Make Continuous Monitoring Feasible?
Question: What is the best way to develop a more continuous monitoring approach to ... Read more
HIPAA Compliance:
New Guidance: Emergencies Don't Trump Your HIPAA Requirements
Know what information you can share with disaster relief organizations. Do you know yo... Read more
Case Study:
Understand HIPAA's Evolving Impact On Med Mal Lawsuits
Decision point: Courts look to preemption provisions in the HIPAA regs. Patients in Fl... Read more
Quiz:
Test Your Employees' Basic HIPAA Knowledge To Pinpoint Training Topics
Focus training on the questions your staff trip up on. New and veteran employees alike... Read more
Enforcement News:
How You Can Overcome HIPAA Lawsuits Based On 'Speculative' Claims
Plus: Breach impact grows by leaps and bounds over time for Cedars-Sinai. More and mor... Read more
Reader Question:
Can You Still Use The MU Hardship Exception For This Year?
Question: We are still not able to meet the meaningful use (MU) requirements this year. ... Read more
Reader Question:
What's Wrong With Mailing Postcards To Patients?
Question: Our provider group would like to send out postcards to our patients. The postc... Read more
Case Study:
Don't Overlook Data Breach Risks From Desktop Thefts
Are you including desktop computers in your security risk assessment? No healthcare pr... Read more
HIPAA Compliance:
How Your HIPAA Obligations Regarding Same-Sex Marriage Have Changed
OCR augments the definitions of spouse, marriage, and family member. The U.S. Supreme ... Read more
Data Security:
Weigh The Benefits Vs. The Risks Of Storing Data In The Cloud
How a signed BAA doesn’t ensure HIPAA compliance. Cloud services are incredibly ... Read more
Enforcement News:
Can PHI Really End Up On Google? Yes, This Happened
Plus: Big security flaw puts Unix systems at risk. Yet another data breach serves as a... Read more
Reader Question:
What Are The Dangers Of Not Complying With New BAA Standards?
Question: Despite the Sept. 22 deadline, we have not yet updated our business assoc... Read more
Reader Question:
Can You Let NPP Rules Slide In This Situation?
Question: We sometimes need to collect preoperative information about a new patient... Read more
Reader Question:
Are There Security Rule Considerations For Telemedicine?
Question: One of our practice’s nurse practitioners provides occasional telem... Read more
Case Study:
Watch Out For Sophisticated Malware Breaching Your Systems From Overseas
Pay attention: Massive breach teaches you four crucial lessons. The latest HIPAA breac... Read more
EHRs:
Meaningful Use: Get Your 2014 CEHRT Now
Good news: You’re getting another year for Stage 3 compliance. If you’re n... Read more
Ask Yourself 5 Questions To Gauge Your Breach Vulnerabilities
Tip: Look for all opportunities to encrypt PHI in your organization. Although many ind... Read more
Enforcement News:
How Data Breach Settlement Sets 'Unfortunate Precedent'
Plus: How your BAs can get you into a big breach mess. Forget a class action lawsuit u... Read more
Reader Question:
What's The Biggest HIPAA Issue For EHR Implementation?
Question: What is the biggest issue you’ve seen with HIPAA and the electronic... Read more
Reader Question:
Does Breach Of Single Person's PHI Require Notification?
Question:  What must we do in terms of breach notification if we mail a statement t... Read more
Reader Question:
Do BAs Need To Have HIPAA NPPs?
Question: Does a business associate (BA) need to have a HIPAA Notice of Privacy Pra... Read more
Case Study:
Learn 4 Lessons To Secure Your Backup Tapes
Delayed breach reporting can get you into even more hot water. For HIPAA compliance, i... Read more
HIPAA Audits:
Get Ready For Phase 2 Of OCR Audits: Take 7 Steps
Beware: These new audits could lead to civil money penalties. Now that the Phase 1 aud... Read more
Curious? Find Out What Phase 1 OCR Audits Revealed
Security-standard compliance items are a weak spot for providers. If you’re w... Read more
Lawsuits:
How Potential Precedent-Setting Court Ruling Is Good News For You
Could this court decision affect breach lawsuits beyond California? In a major HIPAA-b... Read more
Enforcement News:
Make Photography And Recordings Part Of Your HIPAA Policies
Plus: Laptop theft places hospital in treacherous waters. Recent class-action lawsuits... Read more
Reader Question:
Can You Email Blank Forms To Patients With A Simple 'Okay?'
Question: I work in a pain management clinic, and we want to start sending patients thei... Read more
Reader Question:
Does The Privacy Rule Really Allow Disclosures To Family And Friends?
Question: We often have patients’ family members calling our hospital to ask how t... Read more
Reader Question:
Is Signing NPP Acknowledgement Enough For Communication Permission?
Question: We have one of those text and email appointment-reminder systems in place. And... Read more
Case Study:
Don't Forget About The Privacy And Security Of Your Paper Records
OCR sheds no light on how it calculated the whopping $800,000 penalty If you’re ... Read more
Compliance:
Learn 3 Big Lessons From The HITECH Annual Reports
How to avoid the top 4 causes of HIPAA breaches The HHS Office for Civil Rights (OCR) ... Read more
Enforcement News:
How Access Controls And Employee Training Are Key To Preventing Breaches
Plus: Courts, states still unsure how to address data breach lawsuits. Are the wrong p... Read more
Reader Question:
No Breaches -- Do You Still Need To Submit An Annual Report?
Question: Do we still submit a report for the HHS annual breach reporting even if w... Read more
Reader Question:
Can You Reuse A Mobile Device Containing ePHI?
Question: Can we reuse or dispose of a mobile device that has stored health informa... Read more
Reader Question:
What Are The HIPAA-Compliance Needs For Text Messages?
Question: If we wanted to start sending text message notifications to patients just... Read more
Case Study:
Learn These Lessons From The Biggest HIPAA Settlement To-Date
Entities agree to pay out a benchmark-setting $4.8 million. If your company shares a d... Read more
EHRs:
Good News: You Could Get Some Breathing Room For EHR Compliance
But don’t also expect an escape from reimbursement cuts for noncompliance. If yo... Read more
Quiz:
Test Your HIPAA Compliance Know-How With This Quiz
How to implement a secure wireless network in your office. How does using a cloud-base... Read more
Enforcement News:
How Liability Insurers Try To Get Out Of Paying Your HIPAA Defense Costs
Plus: New regulations could be on the horizon for telemedicine. If your company underg... Read more
Reader Question:
What Kind Of Risk Does Using Private Email Accounts Pose?
Question: Our provider group has a secure system for encrypting all outgoing emails... Read more
Reader Question:
Is This An Incidental Use And Disclosure?
Question: This summer our practice has two interns from the local community college... Read more
Reader Question:
Can Patients Waive Encryption For B2B Communications?
Question:  I understand that a patient can request that we send to them unencrypted... Read more
Case Study:
Follow 3 Steps To Avoid Laptop HIPAA Breaches
OCR is pushing entities harder to perform risk assessments. Two recently announced HIP... Read more
Quiz:
Discover How Much Your Staffers Know About Contingency Planning
Understand what is truly critical to your office operations. A hurricane, a flood, a t... Read more
Enforcement News:
Watch Out: Upcoming HIPAA Audits Will Be 'Aggressive'
Plus: FBI knows how much money your patient’s PHI is worth. Keep your eyes peele... Read more
Reader Question:
Will Your General Liability Policy Cover Security Breaches?
Question: Our insurance agent who deals with our practice’s general liability... Read more
Reader Question:
How Often Must You Change Your Passwords?
Question: We are having a little disagreement in our office. How often should we ch... Read more
Reader Question:
Can Multiple Small Breach Reports Trigger An Audit?
Question: If our clinic reports every small HIPAA breach throughout the year instea... Read more
Case Study:
How Much Could You Pay For Your BA's Mistakes?
Why you’re increasingly at risk for breach-related private lawsuits. Finger-poin... Read more
Update Your 'Pre-Existing' BAAs Now
Focus on 3 BAA terms that can increase your liability. While you’re pondering yo... Read more
Quiz:
Test Your HIPAA Knowledge With This Quick Quiz
What’s the first step in securing your office’s network and hardware infrast... Read more
Enforcement News:
Check Out The New Risk Assessment Tool For iPad & Windows
Plus: Get ready now for the next series of HIPAA audits. Do you need help conducting y... Read more
Reader Question:
Is Faxed Information Considered ePHI?
Question: If we fax a document containing a patient’s medical information fro... Read more
Reader Question:
What To Do When Another Provider Refuses To Release Records
Question: We’re treating a new patient and need to obtain the patient’s... Read more
Reader Question:
'Consent' Vs. 'Authorization' -- What's The Difference?
Question: Under the HIPAA Privacy Rule, what is the difference between “conse... Read more
Case Study:
Follow 6 Steps To Avoid This Type Of Costly Data Breach
Data-breach class action lawsuit sets new practice in awarding damages. “No harm... Read more
Privacy Rule:
Know How State Laws May Complicate Your Mental Health HIPAA Compliance
Don’t rely on new HHS guidance until you check your state laws first. New guidan... Read more
Tool:
Checklist: Take 10 Steps To Comply With Meaningful Use Requirements
Don’t attest until you’ve performed a risk analysis and corrected problems. ... Read more
Enforcement News:
Word On The Street: Get Ready For The 2014 Random HIPAA Audit Program
Plus: HHS issues new final rule that broadens patients’ access to lab test reports... Read more
Reader Question:
When Will Windows XP Become No Longer HIPAA-Compliant?
Question:  We’ve heard that computers still using Windows XP will soon be no ... Read more
Reader Question:
How Often Do You Really Need To Perform A Risk Assessment?
Question:  We are having a bit of a debate in our practice. Some of us think that p... Read more
Reader Question:
When Laws Disagree: Withhold PHI Or Provide Access?
Question: What should we do when our state law requires restriction or withholding of pa... Read more
HIPAA Compliance:
Heed Expert Tips To Craft Effective HIPAA Policies & Procedures
Make sure you cover these 7 big changes under the new rules. If you’re like most... Read more
Know 4 Principles Your Policies Must Never Be Without
Do your policies set forth clear responsibilities and accountability? What makes a &ld... Read more
Tool:
Use This Chart To Dispel Security Risk Analysis Myths
HHS OCR gives you a little help on getting your risk analysis down pat. As the HHS Off... Read more
Enforcement News:
Brace Yourself For Increased HIPAA Audits
Plus: OCR now handing out fines for not having breach policies. The HHS Office of Insp... Read more
Reader Question:
Taking Secrets To The Grave: When You Can Share Decedents' PHI
Question: Our practice treated a patient who passed away two years ago, and now we are t... Read more
Reader Question:
Are BAAs Always Necessary?
Question: With the HIPAA Omnibus Final Rule now in effect, it seems as though we need to... Read more
Reader Question:
Can You Send Medical Records Via Email (Securely)?
Question: One of our patients has requested a copy of his medical records, and he wants ... Read more
HIPAA Compliance:
When Disaster Strikes: Ask 4 Questions to Evaluate Breach Risk
Breach notification rules have changed — are you up-to-speed? You think you have... Read more
Make Your Job Easier With This Breach-Notification Decision Tree
Information ‘retention’ can affect your notification duties. How can you k... Read more
Compliance:
Watch For Compliance in Your Provider Documentation
You could be setting your practice up for paybacks, fines, or worse. Inadequate docume... Read more
ED PQRS Reporting:
Prepare for Quality And Cost of Care to Impact Your Reimbursement
Size matters when it comes to data collection. The recent final rule makes changes to ... Read more
Industry Notes
Unnecessary HIPAA Barriers Removed to Tighten Gun Control With a view to bringing unde... Read more
Reader Question:
Let Medical Necessity Rule Code Choice
Question: Our physician is a very thorough documenter and treats very sick patients. Bec... Read more
Available Years:  2014  2013  2012  2011  2010  2009  2008  2007  2006  2005  2004  2003  2002