Is WebEx HIPAA Compliant?

WebEx is a Cisco web conferencing and online meeting platform. WebEx has described its WebEx for Healthcare video conferencing and mobile app as easy to use and easy to host. With WebEx, a provider has the ability to conduct remote video consults with patients, and message patients with quick answers to questions. As good as this sounds, is WebEx HIPAA compliant? Since use of WebEx involves transmission of [...]

2023-04-06T14:17:28-04:00June 30th, 2020|

Exposure Notification Privacy Act Aims to Regulate Contact Tracing Apps

Recently, a bipartisan group of United States Senators introduced the Exposure Notification Privacy Act (ENPA). This bill aims to regulate exposure notification and contact tracing apps that will be used to monitor and control COVID-19 spread. What is Contact Tracing? Contact tracing is the process of identifying people who may have come into contact with a person infected by a virus. COVID-19 contact tracing apps [...]

2023-04-06T14:22:49-04:00June 9th, 2020|

The HIPAA Privacy Rule and Provider to Provider Communications

The HIPAA Privacy Rule allows for provider to provider communications - for providers that are part of a patient’s care team - to exchange clinical information, including protected health information (PHI) among each other.  Circumstances under which provider to provider communications involving use and disclosure of PHI are addressed below. When Are Provider to Provider Communications Permitted Under the HIPAA Privacy Rule? Generally, under the [...]

2023-04-06T14:23:18-04:00April 6th, 2020|

Are Patient Friend Requests HIPAA Compliant?

In the age of social media, it is important to understand how to use it in a professional manner. Healthcare providers may be interested to know if patient friend requests are HIPAA compliant. Although not prohibited by HIPAA law, it may not be the best idea to become friends with patients on Facebook.  It may be more appropriate to be Facebook friends with patients if your practice is in [...]

2023-04-06T14:23:24-04:00March 23rd, 2020|

What is a Designated Record Set Under HIPAA?

The HIPAA Privacy Rule generally requires HIPAA covered entities (health plans and most healthcare providers) to provide individuals, upon request, with access to the protected health information (PHI) about them in a designated record set (or sets) maintained by or for the covered entity.  What is PHI? PHI is defined as individually identifiable information relating to the past, present, or future health status of an [...]

2023-04-06T14:23:32-04:00March 9th, 2020|

HIPAA Settlement Reached with Gastroenterological Sole Practitioner

The Department of Health and Human Services’ (HHS) Office for Civil rights (OCR) issued the first HIPAA settlement for 2020. Steven A. Porter, M.D., a gastroenterological sole practitioner, has agreed to pay $100,000 to the OCR for HIPAA violations. On November 21, 2013, Steven A. Porter, M.D. filed a breach report with the OCR claiming that their business associate (BA), Elevation43, was withholding the Practice’s [...]

2023-04-06T14:23:34-04:00March 3rd, 2020|

Electronic Health Information Exchange and HIPAA

Under the HIPAA Privacy Rule, the use or disclosure of protected health information (PHI) is permitted for treatment purposes. Electronic health information exchange - a method of data transmission allowing healthcare professionals and patients to access and secure PHI electronically - facilitates quality treatment, without running afoul of the HIPAA Privacy Rule or the HIPAA Security Rule. What is Electronic Health Information Exchange? Electronic health information exchange (HIE) is [...]

2023-04-06T14:24:15-04:00January 3rd, 2020|

Accidental Disclosure of PHI

Even when a covered entity or business associate maintains an effective HIPAA compliance program, an accidental disclosure of PHI may be made. For example, an employee may accidentally view patient records. A mailing may be sent to the wrong recipient. This article discusses how covered entities and business associates should respond in the event of an accidental PHI disclosure or HIPAA violation. How Should Covered [...]

2023-04-06T14:24:17-04:00December 30th, 2019|

5 HIPAA Covered Entity Employee Tips

Covered entities’ employees play an important role in keeping PHI and ePHI secure. The following HIPAA covered entity employee tips can be used by your organization as part of a broader privacy and security effort.  Five HIPAA Covered Entity Employee Tips - reminders that covered entity employees should give their workforce - include: HIPAA Covered Entity Employee Tips, Tip 1: Employees should never share login credentials. Since login information [...]

2023-04-10T11:40:26-04:00December 27th, 2019|

HIPAA Requirements for Sending PHI

Healthcare entities require a means to easily share protected health information (PHI). When sending PHI it is imperative to keep HIPAA requirements in mind. The Health Insurance Portability and Accountability Act (HIPAA) set forth industry standards for creating, storing, and maintaining of PHI, including HIPAA requirements for sending PHI. Email The most convenient means of sending PHI is via email, however when sending PHI through [...]

2023-04-06T14:24:23-04:00December 13th, 2019|