Historically, HIPAA enforcement has focused predominantly on the failure of covered entities to keep protected health information (PHI) private and secure; but now the scope is broadening to encompass keeping PHI too private and too secure. The HHS Office for Civil Rights (OCR), the agency that enforces HIPAA rules, has broken new ground by fining a Florida hospital for failing … [Read more...] about HIPAA enforcement takes a dramatic new direction
HIPAA
HIPAA compliance with document management
By Andreas Rivera bio Recordkeeping can be one of the most stressful aspects of running a healthcare business since privacy compliance is scrutinized in healthcare more than any other industry. Anyone with experience in the healthcare industry knows that violating HIPAA comes with steep penalties. It’s a constant anxiety to make sure your records are being stored in an … [Read more...] about HIPAA compliance with document management
5 essential steps to ensure an effective HIPAA program
By Danika Brinda bio HIPAA Compliance is a term that is often thrown around the healthcare industry; however, I commonly ask myself: Is the meaning of HIPAA Compliance the same throughout the industry? The answer is NO! Walking into a healthcare organization in the last month, the HIPAA Privacy Officer was excited to tell me that they are fully HIPAA compliant and … [Read more...] about 5 essential steps to ensure an effective HIPAA program
The 10 things HHS says you should be doing to stop phishing, ransomware and other threats
HHS has published a Guidance on cybersecurity for healthcare organizations. Even though it's voluntary, the new HHS Guidance is significant to the extent it lays out the agency's expectations of the measures medical offices and other organizations should take to protect medical data from cybersecurity threats. How the Guidance came about The genesis of the Guidance is a … [Read more...] about The 10 things HHS says you should be doing to stop phishing, ransomware and other threats
Traps to avoid: Giving ex-practice employees access to PHI
Your medical office staff understands the imperative of safeguarding personal health information (PHI) and wouldn't let strangers roam about the facilities freely. But it's easy for them to lower their guard when a former employee comes back to the practice, e.g., to pick up a final paycheck or just make a social call. Ex-employees are a common and virulent privacy threat, even … [Read more...] about Traps to avoid: Giving ex-practice employees access to PHI
HIPAA Refresher: Is your practice on top of NPPs?
By Ranadene K. Tapio, MBA, CMRS, CMC, Guest Contributor bio I know, HIPAA is old news. And ALL of your offices are presenting your patients with a HIPAA Notice of Privacy Practices (NPP) already. Right? Are you sure? Do you have systems in place to ensure this is being done? Do you work the front desk, so you know it's getting done? Are you in the back office, and in … [Read more...] about HIPAA Refresher: Is your practice on top of NPPs?
HIPAA security can fail if the office doesn’t take common-sense precautions
No matter how tight its HIPAA privacy procedures, if the office isn't also focusing on common sense, the patient data is wide open to compromise. "That's because we do things we don't think about," says Rosemarie Nelson, a principle with MGMA practice management consulting in Syracuse, NY. "It's not hackers trying to get at the office's data" that the manager needs to worry … [Read more...] about HIPAA security can fail if the office doesn’t take common-sense precautions
How to determine the order of multiple insurance coverages
By Ranadene (Randi) K. Tapio, MBA, CMRS, CMC, Guest Contributor bio When patients have multiple insurance coverage, at times it can be difficult to determine which one is primary, secondary, and tertiary. Sometimes, the patients don't even know which order they go in! While there are always going to be exceptions, here are some basic guidelines to keep in mind: … [Read more...] about How to determine the order of multiple insurance coverages
HIPAA extends to gossip as well as to searching out dirt on an ex-spouse
Getting staff to maintain patient confidentiality goes much further than getting them to protect electronic data. A significant risk for offices is just plain talk. A staffer tells a friend about a patient's condition. Or there could be actual malice where a staffer looks up information on an ex-spouse. Or there could be innocent talk where a staffer in one office tells a … [Read more...] about HIPAA extends to gossip as well as to searching out dirt on an ex-spouse
Six security tips for Cybersecurity Awareness Month
To help raise awareness in support of Cybersecurity Awareness Month, Ivanti recently shared the following top cybersecurity tips and best practices. "October is Cybersecurity Awareness month, and while following security best practices are important every month of the year, it's a good time to remember that we should all take a collective role in organizational security and … [Read more...] about Six security tips for Cybersecurity Awareness Month