HIPAA Wiki: A Brief Summary of HIPAA Rights

The Hawaiian language has a memorable equivalent of the English word for “fast”: “wikiwiki.” The term “wikiwiki” can be spoken quickly. Similarly, when a person looks up a “wiki” for information, what the person hopes to find is information on a particular topic that can be quickly overviewed, covering all of the highlights. A HIPAA wiki contains the following information about patient rights. Do you have an effective [...]

2020-11-16T17:01:53-05:00May 21st, 2020|

HIPAA and Risk Assessment: Is a HIPAA Risk Assessment Mandatory?

Recently, many organizations have begun to wonder if a risk assessment is mandatory. This in part is due to misinformation on some websites that claim that a HIPAA mandatory risk assessment is not actually mandatory. The question of is a HIPAA risk assessment mandatory is answered below. HIPAA and Risk Assessment: HIPAA Mandatory Risk Assessment Is a HIPAA risk assessment mandatory? The Health Insurance Portability and Accountability Act (HIPAA) [...]

2022-05-06T13:36:53-04:00May 1st, 2020|

HIPAA Security Official Requirement

Under the HIPAA Security Rule, covered entities and business associates are required to implement appropriate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information (ePHI). The administrative safeguard provision of the HIPAA regulations is broken into a series of standards whose requirements must be met. One of these standards is known as the Assigned Security Responsibility Standard. The standard requires that [...]

2022-05-12T18:09:52-04:00April 20th, 2020|

What is the Integrity of ePHI Under the HIPAA Security Rule?

The HIPAA Security Rule requires that covered entities (health plans, healthcare clearinghouses, and healthcare providers who electronically transmit any health information in connection with a HIPAA related transaction) and business associates implement reasonable and appropriate technical safeguards. These safeguards must protect (among other things) the integrity of ePHI, electronic protected health information (ePHI). ePHI is any protected health information that is created, stored, transmitted, or received in any electronic format. [...]

2020-11-16T17:01:59-05:00February 27th, 2020|

HIPAA Network Security

For a HIPAA covered entity (i.e., a health provider), there is often a direct relationship between the health of the network and the health of the entity’s wallet, so to speak. A healthier network with strong security measures, is one less likely to be the subject of a complaint made to (and resultant fine assessed by) the Department of Health and Human Services’ (HHS) Office [...]

2022-05-06T13:55:39-04:00January 23rd, 2020|

MSP Security Rule Compliance

A managed service provider (MSP) is an entity that remotely manages a covered entity’s  IT infrastructure, and/or end-user systems. Managed service providers who work with clients in the healthcare sector must comply with the HIPAA Security Rule.  Under the HIPAA Security Rule, MSPs must perform a security risk analysis. What Does MSP Security Rule Compliance Consist of? MSP Security Rule compliance has several components. One [...]

2022-05-06T13:36:53-04:00January 7th, 2020|

HIPAA Security Rule: Risk Analysis Review and Updating

The HIPAA Security Rule requires that covered entities (health plans, healthcare clearinghouses, and healthcare providers who electronically transmit any health information in connection with a HIPAA related transaction), and business associates, implement security safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (ePHI). ePHI is any protected health information that is created, stored, transmitted, or received in any electronic format. Performing [...]

2022-05-06T13:36:53-04:00December 24th, 2019|

What is HIPAA Penetration Testing?

Under the HIPAA Security Rule, covered entities must implement security safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (ePHI). ePHI is any protected health information that is created, stored, transmitted, or received in any electronic format. One type of security safeguard that must be implemented is known as an “administrative safeguard.” The administrative safeguard provision of the HIPAA Security Rule [...]

2022-05-06T14:38:19-04:00December 4th, 2019|

5 Office Guidelines for Complying with HIPAA

As covered entities under HIPAA, medical offices are subject to the HIPAA Privacy Rule and the HIPAA Security Rule.  Below are five office guidelines for complying with HIPAA. What are Five Office Guidelines for Complying with HIPAA? 1. Office Guidelines for Complying with HIPAA #1: Provide HIPAA training to employees 2. Office Guidelines for Complying with HIPAA #2: Conduct the annual HIPAA Security Rule Security Risk Assessment 3. Office [...]

2022-05-06T12:13:33-04:00November 12th, 2019|

Transporting PHI: HIPAA On the Road

PHI in transit consists of either paper documents or records, or portable media and devices. The physical safeguard provisions of the HIPAA Security Rule require covered entities to protect any portable media or devices, whether permanently stationed or in transit. The HIPAA Privacy Rule also requires covered entities to implement physical safeguards to protect all forms of PHI, including any paper records containing PHI, including HIPAA paper documents. [...]

2022-06-24T06:00:42-04:00November 7th, 2019|