HITECH

Home/HITECH

Upholding HIPAA OCR Compliance & Streamlining Patient Access to Medical Data

Catherine Short speaks with Cristin Gardner, Director of Consumer Products & Markets at Life Image a healthcare network for exchanging clinical and operational information including medical images, about “Upholding HIPAA OCR Compliance & Streamlining Patient Access to Medical Data.” Digital innovation is transforming healthcare. The federal government has recently made significant pushes to make healthcare

Deadline for Breach Reporting Coming Soon

As the end of the year approaches, keep in mind that all breaches of unsecured protected health information involving less than 500 individuals must be reported to the Secretary at the Department of Health and Human Services (HHS) within 60 days of the end of the calendar year. If the organization already reported a breach

OIG WORKPLAN 2016

The Office of the Inspector General (OIG) is responsible for protecting the integrity of the programs in Health and Human Services against fraud, waste and abuse as well as recommending improvements to the system that would promote efficiency and efficacy within the limits of the health care laws.   Although OIG oversight includes programs such as

Are You Prepared for the HIPAA Phase 2 Audits?

After reviewing the HIPAA Privacy case investigations from 2009-2011, the Office of the Inspector General sent a strong message to the Office of Civil Rights in regard to the administration and enforcement of the HIPAA Privacy Rule. The OIG recommendation is clear in the September 2015 executive summary, “OCR Should Strengthen Its Oversight of Covered

Are your mobile devices HIPAA compliant?

As the world of healthcare evolves, more and more healthcare providers are turning to mobile devices in their practice. If you are a covered entity, you are responsible for complying with HIPAA regulations for securing private patient information, including when using mobile devices. Here are some guidelines to ensure security while using mobile devices: Before

Do You Meet the Security Rule Requirements for a Covered Entity?

Covered entities should be aware of differences between the Privacy and Security Rule requirements regarding protected health information. One major distinction is that the HIPAA Security Rule only applies to electronic protected health information (e-PHI). A covered entity is responsible for maintaining confidentiality, integrity and availability of all e-PHI. Under the HIPAA Security Rule, covered

Do You Meet the Privacy Rule Requirements for a Covered Entity?

Covered entities have several requirements under the Privacy Rule. The purpose of the rule is to protect and secure individually identifiable patient information and the covered provider has the ultimate responsibility for HIPAA compliance. Compliance with the Privacy Rule was required on April 14, 2003. According to the OCR’s HIPAA Audit Program Protocol for covered

Are You a Covered Entity?

HIPAA defines a covered entity as one of the following: Healthcare provider who transmits information in an electronic form Health Plan Healthcare clearinghouse Most providers are covered entities, managing insurance-related transactions electronically, like submitting claims to a health plan. What Are Your Responsibilities as a Covered Entity? Covered entities must comply with all of the

What Would The Office Of Civil Rights Most Likely Find In a HIPAA/HITECH Audit?

Looking back at past audits by the Office of Civil Rights (OCR) is the best place to start. The OCR enforces the HIPAA Privacy Rule, Security Rule, Breach Notification Rule and the confidentiality provisions of the Patient Safety Rule. The Office of Civil Rights’ “Lessons Learned from OCR Privacy and Security Audits” revealed the most