View this infographic busting five common HIPAA misconceptions about business associates, medical records access, breaches and more!
Basics of GDPR Compliance in the Healthcare Setting
Grant Elliott, President, and CEO of Ostendio discusses the basics of GDPR (General Data Protection Regulation) compliance for those in healthcare. Check out this Q and A session to learn more.
HIPAA: Handling Patient Requests for Medical Record Restriction
Healthcare compliance professionals frequently face confusing situations about sharing of protected health information (PHI). The Health Insurance Portability and Accountability Act (HIPAA) supports the protection of privacy of medical records. However, even when a patient does not authorize sharing of his record there are permitted uses and disclosures such as for the purpose of treatment, payment or healthcare operations (TPO).
The 7 Steps to Address a HIPAA Complaint
If a patient voices a concern of privacy violation, do you know how to handle the complaint? View our infographic for the seven steps you need to take immediately to reduce…
Who are your Business Associates?
Business Associate Agreements are a key component to your compliance program and overall HIPAA compliance. But how do you know which vendors need to sign them? Check out our latest…
Ride-Sharing Companies are your new HIPAA Business Associates
Early this month Uber introduced the launch of Uber Health, a new service that allows healthcare organizations to provide transportation for their patients. Within days, Lyft and Allscripts announced a…
HIPAA Alert- Improper PHI Disclosure Leads to OCR Settlement
This week, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a $100,000 settlement with Filefax, Inc., an out of business company that once…
Preventing a HIPAA Breach – Phishing Attacks and Access
Your organization’s security risk analysis and security awareness training are the best defense against nefarious cyber criminals. In reviewing breaches from 2017, cyberattacks with ransomware brought organizations to a standstill…
7 Steps for Handling a Patient HIPAA Privacy Complaint
A patient voices a concern of privacy violation because the provider mistakenly emailed her medical treatment information to unrecognized email addresses. Your Notice of Privacy Practices correctly informs the patient…
Implement Reasonable Safeguards Before Hitting Reply to a Patient Email
A patient sends an email using their Gmail account discussing medical information. As the provider, you have no reason to believe that the email is secure so how do you…