Does Talking About a Patient Violate HIPAA?

One main focus of HIPAA regulations is ensuring the privacy of the protected health information (PHI) of patients. Most people immediately think about the protection and security of PHI in physical or electronic (ePHI) formats, but what about when PHI is verbalized? Does talking about a patient violate HIPAA? If so, what precautions do healthcare providers need to take to avoid breaching [...]

May 16th, 2022

HIPAA Compliant Environment or a Culture of Compliance?

One of the trendy marketing terms being used by equipment and service providers in the security space is “HIPAA Compliant Environment.” It’s usually used to describe items like highly secure protocols, including operational environment controls, workload (VM and application) hardening, data at rest and in transit protection, identity, and access management. All of these tools are very useful to ensure privacy and [...]

April 29th, 2022

There’s No Such Thing as Free HIPAA – Ask TurboTax

TurboTax, the tax filing software company, was recently sued by the Federal Trade Commission (FTC). What’s the charge? Deceiving consumers with bogus advertisements pitching “free” tax filing that millions of Americans could not use. Next up on TurboTax’s journey with the FTC is a stop in a federal district court. The FTC has asked a court to order Intuit (TurboTax’s parent company) [...]

April 22nd, 2022

Things to Consider with HIPAA in Employee Handbooks

One of the critical requirements of HIPAA is having effective policies and procedures that reflect how an organization uses, controls, and manages the protected health information of individuals. Employees must not only be aware of these policies and procedures but also attest that they will abide by them. Many companies include their HIPAA policies in Employee Handbooks, but is that the best [...]

April 18th, 2022

How to Choose a HIPAA Compliant Vendor

The vendors you choose to help run your business will determine your business success level. Ultimately, your vendor’s vulnerabilities are your vulnerabilities, which is why HIPAA emphasizes the importance of business associate compliance. Business associate vendors must be compliant with HIPAA standards. So how do you ensure that you are choosing HIPAA compliant vendors? What is a Business Associate? While not all [...]

March 2nd, 2022

HIPAA SRA Requirements: Conduct Ongoing, Continuous Risk Analyses

The question is asked of HIPAA subject matter experts with an almost maddening frequency: “How often do I need to conduct a HIPAA Security Risk Analysis (SRA)?” In 2010, the Department of Health and Human Services’ Office for Civil Rights issued guidance on the topic. The guidance did not spell out how often the analysis is to be performed. Yet, the guidance [...]

March 1st, 2022