HIPAA Zone

Home/HIPAA Zone

Upholding HIPAA OCR Compliance & Streamlining Patient Access to Medical Data

Catherine Short speaks with Cristin Gardner, Director of Consumer Products & Markets at Life Image a healthcare network for exchanging clinical and operational information including medical images, about “Upholding HIPAA OCR Compliance & Streamlining Patient Access to Medical Data.” Digital innovation is transforming healthcare. The federal government has recently made significant pushes to make healthcare

HIPAA Privacy Rule Changes Address Gun Control

On January 4, 2016, the Obama administration rolled out a number of executive actions addressing gun control, one of which impacts the Health Insurance Portability and Accountability Act (HIPAA). To this end, the Department of Health and Human Services (HHS) issued a final rule narrowly modifying the HIPAA Privacy Rule to allow certain covered entities

Individual’s Rights to Access PHI

An individual’s right to access their protected health information (PHI) should be nothing new to covered entities. In 1996, HIPAA Privacy Rule detailed an individual’s right to access PHI. As part of HITECH and the Final Omnibus Rule, modifications to the Privacy Rule have included additional requirements for covered entities and business associates. Unfortunately, recent

Is Your Compliance Program Effective?

Having a compliance program in place is a start but having an effective compliance program is the goal. Proactively assessing the effectiveness of one’s own compliance program is better than the Department of Justice making a determination of the adequacy as a result of an investigation for alleged misconduct. To set benchmarks for an effective

Deadline for Breach Reporting Coming Soon

As the end of the year approaches, keep in mind that all breaches of unsecured protected health information involving less than 500 individuals must be reported to the Secretary at the Department of Health and Human Services (HHS) within 60 days of the end of the calendar year. If the organization already reported a breach

OIG WORKPLAN 2016

The Office of the Inspector General (OIG) is responsible for protecting the integrity of the programs in Health and Human Services against fraud, waste and abuse as well as recommending improvements to the system that would promote efficiency and efficacy within the limits of the health care laws.   Although OIG oversight includes programs such as

Are You Prepared for the HIPAA Phase 2 Audits?

After reviewing the HIPAA Privacy case investigations from 2009-2011, the Office of the Inspector General sent a strong message to the Office of Civil Rights in regard to the administration and enforcement of the HIPAA Privacy Rule. The OIG recommendation is clear in the September 2015 executive summary, “OCR Should Strengthen Its Oversight of Covered

Are your mobile devices HIPAA compliant?

As the world of healthcare evolves, more and more healthcare providers are turning to mobile devices in their practice. If you are a covered entity, you are responsible for complying with HIPAA regulations for securing private patient information, including when using mobile devices. Here are some guidelines to ensure security while using mobile devices: Before

Do You Risk Violating HIPAA on Social Media?

As technology continues to evolve, so does social media, with more and more platforms arising for people to communicate – anytime, anyplace to anyone. The increase in social media presence in healthcare creates greater vulnerability toward breaches of patient confidentiality. Here are some tips to avoid violating HIPAA with social media: Do not talk about

How would your staff react to an auditor or investigator?

Audits and investigations are stressful events either with or without prior notice. Medical staff should be prepared for an unannounced visit. First Healthcare Compliance provides a sample policy that assists clients in preparing the front office. Here are some recommendations to ensure that proper steps are taken: Immediately contact your supervisor, manager and/or Compliance Officer