Take Information Security Home

doughnuts

Safeguarding your patients’ protected health information (PHI) is a critical part of your everyday routine. What about when you leave the office? Your healthcare, financial, and other personal information require thoughtful handling, too. As reported in the Becker’s Hospital Review in February 2019, an individual’s healthcare record can sell for up to $1,000 on the […]

New HIPAA Fact Sheet for Business Associates

On May 24, the HHS Office for Civil Rights (OCR) released a new fact sheet for Business Associates explaining their liability for HIPAA compliance. OCR is the government enforcement agency for HIPAA compliance. They have the authority to take enforcement action against business associates for failing to comply with requirements and prohibitions. Since the implementation […]

Will the GDPR Affect Your Practice?

What is the GDPR? GDPR or General Data Protection Regulations is a set of laws passed by the European Union (EU) in May 2018, to provide rules for protecting electronic data on individuals in the European Union. These regulations include similar security restrictions for Europe as HIPAA does for the USA. One of the biggest differences […]

April News Roundup

orange check mark total medical compliance logo

It’s a busy world out there and it can be tough to keep up on all the news. Here are three compliance-related news stories to keep you “in the know.” Alexa is getting a HIPAA upgrade Alexa the voice-controlled digital assistant from Amazon, is commonly used for home automation, entertainment streaming, and various administrative functions, […]

D.0 Notice of Proposed Rulemaking

administrative simplification

The Department of Health and Human Services (HHS) announces the Notice of Proposed Rulemaking (NPRM) CMS-0055-P that was recently published in the Federal Register. This NPRM proposes to modify the requirements for the use of the Telecommunication Standard Implementation Guide, Version D, Release 0 (Version D.0), August 2007, National Council for Prescription Drug Programs (NCPDP) […]

HIPAA Myth: Listening to Family and Friends

HIPAA

Recently I had a very frustrating visit with my doctor. As an educator with an expertise in HIPAA law it is difficult when I run headlong into someone who adamantly believes incorrect information. I hear this often from my clients too when they are dealing with other healthcare offices. It is not surprising. HIPAA is […]

Breach Should Be a Four-Letter Word

Most every day it seems a new report emerges about an organization that has been compromised. Big names such as Equifax, Neiman Marcus, Target and Home Depot have all made the dreaded announcement of a data breach and even a local Dunkin Donuts franchise in announced that their patron’s information had been inappropriately accessed. The […]

What’s New in Cyber Crime?

cyber crime

When it comes to cyber security, you are on top of it! You have complex password phrases, password lockers, tight privacy settings on your social media, and even physical safeguards in place. Well done!  Unfortunately, scammers and cyber criminals are also on top of their game, continually evolving their techniques and exploiting technological and psychological […]

HHS Office of Civil Rights (OCR) Warns: Don’t Forget About Physical Security

In their most recent newsletter, OCR reminds all that HIPAA rules require that you protect patient information with technological, administrative and physical safeguards. OCR states: “While the latest security solutions to combat new threats and vulnerabilities get much deserved attention, appropriate physical security controls are often overlooked. Yet physical security controls remain essential and often […]

HHS Releases New Guidance on Research Authorizations

hipaa

In June 2018 the Department of Health and Human Services (HHS) issued guidance related to streamlining authorization under HIPAA for uses and disclosures of protected health information (PHI) for research. Under the 21st Century Cures Act of 2016, HHS is required to help simplify the research process by clarifying: 1. the authorization for use or […]