Select
Code Sets
Indexes
Code Sets and
Indexes
Tools
Publications
Advanced Search
Home
Newsletter
Health Information Compliance Alert
Health Information Compliance Alert
Health Information Compliance Alert - 2015; Volume 15, Number 12
Protect Yourself:
Mobile & Medical Devices Are Ripe For HIPAA Breaches
Know what specific policies and procedures the OCR is looking for you to have in place. ...
Read more
Breaches:
When Self-Reporting A Breach Leads To An Even More Serious Investigation
HIPAA compliance practices practically non-existent? That’ll cost you millions. ...
Read more
Checklist:
Follow 10 Critical Steps For An Effective Breach Response
Remember to record breach incidents in your accounting of disclosures log. With sever...
Read more
Enforcement News:
Why Hospital Isn't Liable For Employee's Facebook Posting Of Patient's PHI
Plus: Senators want HHS to clear up confusion over medical identity theft and HIPAA. ...
Read more
Reader Question:
Does The HIPAA Security Rule Require You To Use Encryption?
Question: Is the use of encryption mandatory under the HIPAA Security Rule? ...
Read more
Reader Question:
Can You Disclose Exam/Test Results To Employers?
Question: When an employer pays our medical office to perform drug tests, fitness-for-du...
Read more
Health Information Compliance Alert - 2015; Volume 15, Number 11
Case Study:
Take These 4 Actions Before (Not After) A Breach Incident Occurs
Beware: An additional state AG has healthcare data breaches in its crosshairs. Yet an...
Read more
Compliance:
Brace Yourself For Amped-Up EHR & HIPAA Compliance Enforcement
Hospitals will endure additional scrutiny from the OIG. Just when you thought that HIP...
Read more
Toolkit:
BAs: Use This Checklist To Make Sure You're HIPAA-Compliant
So much information is available for covered entities (CEs) seeking to comply with HIPAA...
Read more
Enforcement News:
Don't Let Your Paper Files Trigger A HIPAA Breach
Plus: Nevada is getting serious about health data-related identity theft. Breach repor...
Read more
Reader Question:
Do You Need To Comply With PCI Standards?
Question: Our practice accepts credit and debit card payments from patients. Does t...
Read more
Reader Question:
How Can You Make Patients More Comfortable With EHRs?
Question: Some of our patients have expressed concerns over our increasing use of e...
Read more
Health Information Compliance Alert - 2015; Volume 15, Number 10
Case Study:
Watch Out: Hackers Want Your Patient Databases
How cyberattackers are gaining easy access to your data. This hasn’t been a good...
Read more
Compliance:
Enjoy More Flexibility & Eased Burdens For EHR Incentive Programs
Certification criteria also gets a makeover for 2015 Edition. The Medicare and Medicai...
Read more
Enforcement News:
Look Out: OCR Now Has 'Something To Prove'
Plus: Mobile health developers are getting a HIPAA education. As if you didn’t h...
Read more
Reader Questions:
Will You Violate HIPAA If You Report Illegal Immigrants?
Question: If our medical office reports someone who is an illegal immigrant, is thi...
Read more
Reader Questions:
Are You Doing These 3 Things When Inventorying Your BAs?
Question: Our clinic is reviewing all our business associates (BAs) and associated ...
Read more
Reader Questions:
What's The Difference Between Remote Disabling & Remote Wiping?
Question: Clinicians in our practice often use mobile devices, including tablets an...
Read more
Health Information Compliance Alert - 2015; Volume 15, Number 9
Case Study:
Backup Devices: Learn 3 Crucial Lessons From The Latest Data Breaches
Why encryption is well worth the cost, especially with flash drives. Flash drives, or ...
Read more
Compliance:
Dispel 7 Common HIPAA Compliance Myths
What to do when clergy members want to visit hospital patients. With all the minutiae ...
Read more
Chart:
Employ Effective Risk Management Strategies For Remote Users
How to prevent ePHI exposure when a laptop or other portable device is lost or stolen. ...
Read more
Enforcement News:
Step-By-Step Guidance Helps You To Make Mobile Devices More Secure
Plus: FDA warns of infusion system at risk for cybersecurity issues. You’ll soon...
Read more
Reader Question:
Breach Affecting Single Person: Do You Still Officially Report It?
Question: If the person affected by a breach knows about it already, do we still ha...
Read more
Reader Question:
How Long Must You Retain Electronic Medical Records?
Question: Does the HIPAA Privacy Rule specify a certain amount of time that our med...
Read more
Reader Question:
What Format Must You Use For Breach Documentation?
Question: For documentation regarding a breach, do we need to have hard copies (pap...
Read more
Health Information Compliance Alert - 2015; Volume 15, Number 8
Case Study:
Implementing New Technology? Perform A Risk Analysis Or Pay The Price
Don’t let portable devices go without proper encryption and proper security precau...
Read more
Policies & Procedures:
Smarten Up Your Data Retention Policy -- Pronto
Beware: Old data left on your network server will only worsen breach fallout. Did you ...
Read more
Toolkit:
Self-Assessment: Do You Have Adequate EHR Contingency Planning?
Keep your contingency planning current to comply with Meaningful Use and HIPAA. Safety...
Read more
Enforcement News:
How PHI Disclosure By Employees Earned HIPAA Whistleblower Exception
Plus: Illinois courts want to see real injury when considering breach lawsuits. One of...
Read more
Reader Questions:
How Can You Find Out If Your Practice Management Software Is Encrypted?
Question: How can I find out whether our practice management software is encrypted?...
Read more
Reader Questions:
What Can You Do To Avoid 'Unintended Consequence' Of EHR Use?
Question: What should our practice do (that’s feasible) to prevent unintended...
Read more
Health Information Compliance Alert - 2015; Volume 15, Number 7
Audits:
What To Expect From The New OIG Security Audits
BAs are off the hook for ePHI security reviews — for now. If you’re partic...
Read more
Security Rule:
Debunk 10 Myths About HIPAA Security Compliance
Why cybersecurity doesn’t trump physical security. Misinformation and myths abou...
Read more
Toolkit:
Questionnaire: Assess Your Practice,s EHR & Health IT Risks
Questions focus on three major risk areas: confidentiality, integrity, and availability....
Read more
Enforcement News:
Beware: Data Theft Still Topping Large-Scale Breach Incidents
Plus: Don’t let employees go on shopping sprees on your patients’ dime. Ju...
Read more
Reader Questions:
Is Your Vendor A Business Associate Under HIPAA?
Question: Our practice is contracting with a new vendor. I sent the vendor a busine...
Read more
Reader Questions:
Do You Need To Post Your NPP On Your Facebook Page?
Question: We’ve just launched a Facebook page for our medical office. Do we n...
Read more
Reader Questions:
Is This A Breach If PHI Doesn't Leave The Facility?
Question: An employee at our hospital accessed records for which he had no legitima...
Read more
Health Information Compliance Alert - 2015; Volume 15, Number 6
Case Study:
Keep Your Eye On 'Look-Alike' Domain Names To Prevent Cyberattacks
How latest HIPAA breach could involve hackers in China. Health insurance companies see...
Read more
Privacy Rule:
Dispel 4 Common PHI Disclosure-Related Myths
HIPAA Privacy Rule does not trump state law-required reporting. With all of the breach...
Read more
Toolkit:
Table: Understand Other Privacy/Security Laws & Requirements
ONC offers new guide to electronic health information for small providers. Mista...
Read more
Enforcement News:
Does Your Employee Confidentiality Policy Violate The NLRA?
Plus: Healthcare breaches due to criminal attacks are on the rise. Even if your employ...
Read more
Reader Questions:
Should You Reply In The Same Way When Contacted Via Social Media?
Question: What if someone contacts our practice through social media and asks...
Read more
Reader Questions:
When Does HIPAA Permit Incidental Disclosure?
Question: When does the HIPAA Privacy Rule allow an incidental healthcare disclosu...
Read more
Health Information Compliance Alert - 2015; Volume 15, Number 5
Case Study:
Get Ready For A 'Flood' Of Settlement Agreements From HIPAA Violations
Beware: Paper medical records are a hot commodity on the black market. If you have any...
Read more
EHRs:
Need To Know: Ask 7 Questions Of Your EHR Developer
Understand the ins and outs of how your backup and recovery system works. Your electro...
Read more
Toolkit:
Mitigate Your Security Risks With Different Types Of EHR Hosts
Cloud-based EHRs make you more dependent on your Internet connection. Do you know the ...
Read more
Enforcement News:
When Medicare Will Remove Your Patients' SSNs From ID Cards
Plus: Find out how CMS plans to ease your MU reporting duties. Your patients will soon...
Read more
Reader Questions:
Is Patient Consent Necessary For Secure Communications?
Question: Is patient consent required under HIPAA to allow secure encrypted communi...
Read more
Reader Questions:
Can You Rely On '100% HIPAA Compliant' Products?
Question: Our office has purchased encryption software that claims to be “100...
Read more
Reader Question:
When Must You Send Out Updated NPPs?
Question: Our office is updating our Notice of Privacy Practices (NPP) to include t...
Read more
Health Information Compliance Alert - 2015; Volume 15, Number 4
Case Study:
Beware: HIPAA Compliance Won't Always Ensure Protection From Breaches
Take 5 steps to go beyond Security Rule standards to protect your data. The most recen...
Read more
HIPAA Lawsuits:
4 Ways Plaintiffs Get Around No-Private-Right-Of-Action Rule
How breach of contract claim may directly impact your NPP. Sure, the federal HIPAA reg...
Read more
Security Rule:
Take 5 Steps To Manage Mobile Device Use In Your Organization
Weigh the risks versus the benefits before using mobile devices. As more and more heal...
Read more
Enforcement News:
Heads Up: Another Court Shoots Down Lawsuit Based On 'Actual Harm'
Plus: OCR’s ‘Wall of Shame’ gets a makeover and new web address. The...
Read more
Mobile Device Safeguards:
Quick Tips For Tighter Security
Beware of file-sharing apps and public Wi-Fi connections. Mobile devices are certainly...
Read more
Reader Questions:
Does Bluetooth Endanger HIPAA Security On Mobile Devices?
Question: Our clinicians use smartphones and tablets. Some of these devices have Bluetoo...
Read more
Reader Question:
What's The Difference Between 'Patches' & 'Updates?'
Question: Are “patches” and “updates” the same thing? If no...
Read more
Health Information Compliance Alert - 2015; Volume 15, Number 3
Case Study:
How 'Phishing' Netted A Monster Of A HIPAA Breach
What Anthem did right, and how you can do it too. Cyber hackers have really outdone th...
Read more
Take A Peek Inside Health Insurers' Cyber Security Practices
Despite lackluster efforts in key security areas, insurers’ confidence is strong. ...
Read more
Audits:
OCR Audits Delayed -- But Don't Let Your Guard Down
Brace yourself for more comprehensive audits instead of desk reviews. The HHS Office f...
Read more
Toolkit:
Kick Off Your Cybersecurity Action Plan With This Checklist
Remember to plan for the unexpected using good backup practices. With so many large, h...
Read more
Enforcement News:
Check Out OCR's New Online Breach Notification Form
Plus: Medical identity theft costs your patients not just money, but their health, too. ...
Read more
Health Information Compliance Alert - 2015; Volume 15, Number 2
HIPAA Compliance:
HIPAA In 2015: Prepare Yourself For 5 Big Trends
Prediction: State law claims will continue to facilitate breach lawsuits. What does...
Read more
Meaningful Use:
Good News: CMS Feels Your MU Pain
But don’t expect to escape payment penalties if you’re noncompliant. The C...
Read more
Case Study:
How To Handle Employee 'Snooping' HIPAA Breaches
Follow these tips to protect yourself when terminating peeping employees. You know wha...
Read more
Enforcement News:
Warning: Laptops Used In The Field Are At High Risk
Plus: You’ll pay big for improperly dumping patient files. Just because a laptop...
Read more
Reader Question:
Is A Complete Security Risk Analysis Optional For Small Providers?
Question: As a very small healthcare provider, do we really need to conduct an in-depth ...
Read more
Reader Question:
Do We Really Need Both Anti-Virus And Anti-Malware Software?
Question: Does our practice need to have both antivirus and anti-malware software? What&...
Read more
Reader Question:
How Can You Know Whether mHealth App Is HIPAA Compliant?
Question: Our practice would like to start using a mobile health app to engage our patie...
Read more
Health Information Compliance Alert - 2015; Volume 15, Number 1
Case Study:
Watch Out: Data Breach Litigation Is Getting More Creative
Missouri court doesn’t care about proving actual damages suffered. Attorneys fil...
Read more
HIPAA Compliance:
Weigh The Pros & Cons Of Communicating With Patients Via Texting
Check out these ‘HIPAA compatible’ text messaging Apps. Text messaging is ...
Read more
Try A Secure Texting Solution:
15 Available Apps
Some texting Apps even provide a signed BAA for your convenience. If you decide to com...
Read more
Enforcement News:
No 'Present Injury,' No Grounds For Lawsuit, State Court Says
Plus: Encryption policy does nothing if you don’t actually follow it. If you&rsq...
Read more
Reader Question:
Is A 'Consent Form' A Good Idea For Email Communications?
Question: Should we develop some sort of consent form for patients to sign if they ...
Read more
Reader Question:
What Are Some Tips To Elicit More Support For Risk Management?
Question: How can I get support from management for my risk management program? A...
Read more
Available Years:
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002