HIPAA Soundproofing

Under the HIPAA Privacy Rule, covered entities must implement safeguards to protect against the unauthorized use or disclosure of PHI. Such safeguards may include HIPAA “soundproofing” measures designed to protect patient privacy. Note, though, that soundproofing measures are no substitute for a thorough HIPAA compliance program that covers all aspects of the HIPAA rules. What are HIPAA Soundproofing Measures? The HIPAA Privacy Rule does not require retrofitting of hospitals [...]

November 21st, 2019

October Healthcare Breaches Affected Nearly 624,000 Patients

October healthcare breaches listed on the Office for Civil Rights’ (OCR) “wall of shame” affected 623,888 patients. Only healthcare breaches affecting more than 500 individuals are listed on the OCR’s site, making it likely that several other patients were affected by smaller breaches. There were 51 reported breaches in October. Of the reported breaches, 18 involved hacking/IT incidents, 27 were due to unauthorized access/disclosure, 3 were the result of [...]

November 20th, 2019

HIPAA Law Enforcement

The battle between individuals’ privacy rights and the needs of law enforcement has raged for centuries in one form or another. When the HIPAA Privacy Rule was implemented, the authors of this rule tried to appease, as it were, both sides. The resulting “compromise” is that protected health information - the information the HIPAA Privacy Rule affords some protection from disclosure - can be disclosed when disclosure is needed [...]

November 19th, 2019

Updated HHS SRA Tool Issued

In 2011, the US Department of Health and Human Services (DHHS), the federal agency for enforcing HIPAA, issued a Security Risk Assessment (SRA) tool through its Office of Civil Rights (OCR). In 2019, after several updates, OCR is offering its newest updated HHS SRA tool, version 3.1. The updated HHS SRA Tool contains several features that the prior tools did not contain. What is the Updated HHS SRA Tool? The [...]

November 18th, 2019

HIPAA Appointment Reminders

The HIPAA Privacy Rule permits covered entities to use and disclose protected health information (PHI) for treatment, payment, and healthcare operations activities. HIPAA appointment reminders constitute the treatment of an individual, and therefore, can be made without an authorization. Do you have an effective HIPAA compliance program? Find out now by completing the HIPAA compliance checklist. HIPAA Appointment Reminders and the HIPAA Privacy Rule The HIPAA Privacy Rule established [...]

November 15th, 2019

Google Project Nightingale: Access to Patient Data Not a HIPAA Violation

Google is one of the largest public companies in the world. Ascension Medical Group is the largest Catholic healthcare system in the United States. A recent report in the Wall Street Journal has confirmed that the two companies are working on something big: Project Nightingale. According to Ascension in a joint press release with Google, through Project Nightingale, Ascension “is working with Google to optimize the health and wellness [...]

November 14th, 2019

HIPAA Compliant Laptops

HIPAA regulations require healthcare organizations and individual care providers to take measures to keep patient data secure. Failure to do so can result in fines if an organization suffers a breach of unsecured PHI. The HIPAA Security Rule requires that mobile devices be rendered secure. Security Rule requirements needed for HIPAA-Compliant laptops are discussed below. What is a Security Risk Assessment? The HIPAA Security Rule requires that covered entities [...]

November 13th, 2019

5 Office Guidelines for Complying with HIPAA

As covered entities under HIPAA, medical offices are subject to the HIPAA Privacy Rule and the HIPAA Security Rule. Below are five office guidelines for complying with HIPAA. What are Five Office Guidelines for Complying with HIPAA? 1. Office Guidelines for Complying with HIPAA #1: Provide HIPAA training to employees. 2. Office Guidelines for Complying with HIPAA #2: Conduct the annual HIPAA Security Rule Security Risk Assessment. 3. Office [...]

November 12th, 2019

What are HIPAA Operating System Requirements? 

The HIPAA Security Rule requires covered entities and business associates to develop effective administrative, technical, and physical safeguards to ensure protected health information (PHI) is secure. The Security Rule does not impose minimum HIPAA operating system requirements for a business’ computer systems. Indeed, the HIPAA Security Rule generally does not impose any specific HIPAA software requirements (including HIPAA operating system requirements) on entities. No provision of the Security Rule [...]

November 11th, 2019

Texas Health and Human Services Commission Fined $1.6 Million by OCR

The Texas Health and Human Services Commission (TX HHSC) is a Texas state government agency. Its charge is to improve the health, safety and well-being of Texans with good stewardship of public resources. TX HHSC, which is part of the broader Texas Health and Human Services system: Operates state-supported living centers; Provides mental health and substance abuse services; Regulates child care and nursing facilities; and Administers programs for [...]

November 8th, 2019