Navigating the complexities of HIPAA compliance takes work, especially for healthcare providers and their vendors. Because of the vague nature of the law and the fact that HIPAA compliance is an all-or-nothing endeavor, too many organizations depend on hope more than knowledge. The first step is finding sources with reliable and trusted information. We found four trusted HIPAA Compliance Resources Online that [...]
Nearly every American knows about the Health Insurance Portability and Accountability Act (HIPAA). But awareness of HIPAA is different from knowledge. In fact, HIPAA may be one of the most misunderstood regulations among the general public. You need only look to social media to see claims that a post was a “HIPAA violation,” but saying so doesn’t make it so. You can’t [...]
One main focus of HIPAA regulations is ensuring the privacy of the protected health information (PHI) of patients. Most people immediately think about the protection and security of PHI in physical or electronic (ePHI) formats, but what about when PHI is verbalized? Does talking about a patient violate HIPAA? If so, what precautions do healthcare providers need to take to avoid breaching [...]
One of the trendy marketing terms being used by equipment and service providers in the security space is “HIPAA Compliant Environment.” It’s usually used to describe items like highly secure protocols, including operational environment controls, workload (VM and application) hardening, data at rest and in transit protection, identity, and access management. All of these tools are very useful to ensure privacy and [...]
TurboTax, the tax filing software company, was recently sued by the Federal Trade Commission (FTC). What’s the charge? Deceiving consumers with bogus advertisements pitching “free” tax filing that millions of Americans could not use. Next up on TurboTax’s journey with the FTC is a stop in a federal district court. The FTC has asked a court to order Intuit (TurboTax’s parent company) [...]
One of the critical requirements of HIPAA is having effective policies and procedures that reflect how an organization uses, controls, and manages the protected health information of individuals. Employees must not only be aware of these policies and procedures but also attest that they will abide by them. Many companies include their HIPAA policies in Employee Handbooks, but is that the best [...]
The vendors you choose to help run your business will determine your business success level. Ultimately, your vendor’s vulnerabilities are your vulnerabilities, which is why HIPAA emphasizes the importance of business associate compliance. Business associate vendors must be compliant with HIPAA standards. So how do you ensure that you are choosing HIPAA compliant vendors? What is a Business Associate? While not all [...]
The question is asked of HIPAA subject matter experts with an almost maddening frequency: “How often do I need to conduct a HIPAA Security Risk Analysis (SRA)?” In 2010, the Department of Health and Human Services’ Office for Civil Rights issued guidance on the topic. The guidance did not spell out how often the analysis is to be performed. Yet, the guidance [...]
When healthcare providers and the vendors that serve them seek guidance about HIPAA Compliance, an internet search for “online HIPAA” is one place to start. You’ll find promises of (nearly) free training, compliance, or certification offered, but how do these online HIPAA compliance services match what the government requires to be HIPAA compliant? Online HIPAA Services – How We Got Here The [...]
Whether your company delivers healthcare directly or assists providers, there are challenges every day. Patients, pandemics, or a plethora of other things pull on your time and attention. You never have to wonder if you’re making things better for others. Are the services you’re using doing the same for you? Specifically, are you using HIPAA compliant billing software? To help you decide, [...]
