The Department of Health and Human Services (HHS) announces the Notice of Proposed Rulemaking (NPRM) CMS-0055-P that was recently published in the Federal Register. This NPRM proposes to modify the requirements for the use of the Telecommunication Standard Implementation Guide, Version D, Release 0 (Version D.0), August 2007, National Council for Prescription Drug Programs (NCPDP) […]
Recently I had a very frustrating visit with my doctor. As an educator with an expertise in HIPAA law it is difficult when I run headlong into someone who adamantly believes incorrect information. I hear this often from my clients too when they are dealing with other healthcare offices. It is not surprising. HIPAA is […]
Most every day it seems a new report emerges about an organization that has been compromised. Big names such as Equifax, Neiman Marcus, Target and Home Depot have all made the dreaded announcement of a data breach and even a local Dunkin Donuts franchise in announced that their patron’s information had been inappropriately accessed. The […]
When it comes to cyber security, you are on top of it! You have complex password phrases, password lockers, tight privacy settings on your social media, and even physical safeguards in place. Well done! Unfortunately, scammers and cyber criminals are also on top of their game, continually evolving their techniques and exploiting technological and psychological […]
In their most recent newsletter, OCR reminds all that HIPAA rules require that you protect patient information with technological, administrative and physical safeguards. OCR states: “While the latest security solutions to combat new threats and vulnerabilities get much deserved attention, appropriate physical security controls are often overlooked. Yet physical security controls remain essential and often […]
In June 2018 the Department of Health and Human Services (HHS) issued guidance related to streamlining authorization under HIPAA for uses and disclosures of protected health information (PHI) for research. Under the 21st Century Cures Act of 2016, HHS is required to help simplify the research process by clarifying: 1. the authorization for use or […]
Before the wide-scale introduction of technology to the healthcare industry, the most important thing to remember about disposing of old PHI used to be to lift with your legs to get those dusty storage boxes into the bin for shredding and recycling. Now that most patient data is stored electronically, there’s a lot less heavy […]
The most recent warnings from the Drug Enforcement Administration (DEA) this month concern phishing scams from individuals posing as DEA agents attempting to obtain a physician’s DEA registration number or signature, PHI, social security numbers and even credit card data. Be on guard for suspicious phone calls, faxes or emails. The DEA does not ever […]
Just a reminder to those having a breach in the past year impacting less than 500 individuals, you have until March 1, 2018, to report those breaches to HHS. If you have not already done so, all such breach reporting MUST be sent to HHS no later than this date. If you have a […]
Dealing with a minor’s medical records can be a HIPAA minefield when a child is from a blended family or the parents have a contentious divorce going. This gets especially sticky when you add in stepparents and grandparents and situations where a minor controls all or a portion of their own records. It’s a good […]
