Medical Billing Blog: Section - HIPAA

Archive of all Articles in the HIPAA Section

This is the archive containing links to all articles written in the HIPAA section of our blog.

Click any of the article links below to read the entire article or browse another section to the right to read articles on another subject.

Healthcare security compliance in the cloud

The “cloud” has almost become a buzzword in health IT, with many hospitals considering a shift to remote servers to reduce costs and improve scalability. However, some executives have hesitated, given the cyber-security implications of accessing protected health information through the internet. “It’s like online shopping,” Shaung Liu, chief technology officer of the provider division at Teladoc, said during a Microsoft-sponsored workshop at the Becker’s Hospital Review 3rd Annual Health IT + Revenue Cycle Conference Sept. 21 in Chicago. “When you first did online shopping nobody wanted to put their credit card in the cloud … you didn’t trust it,” he explained. “Now, everybody does.” Teladoc, a telehealth company that

By: Melissa Clark, CCS-P, RT - CEO
No Comments

EHR companies refuted claims of violating HIPAA

The EHR Association (EHRA) Executive Committee has fired back at accusations that EHR companies are partially to blame for interoperability problems, claiming health data exchange is progressing quickly. The association published a response to an earlier post on Health Affairs Blog that accused EHR and health IT companies of monetizing the custody of patient protected health information (PHI). Former ONC Chief Privacy Officer Lucia Savage urged the Office of Inspector General (OIG) to enforce provisions of HIPAA prohibiting business associates such as EHR developers from using PHI for business operations. She stated some EHR companies may be leveraging ownership of patient PHI for profit. “Building a revenue stream out of

By: Melissa Clark, CCS-P, RT - CEO
No Comments

Understanding HIPAA’s Medical Record Transfer Rules

“I recently received an inquiry from a physician who was frustrated by patients returning to his practice multiple times seeking copies of the same medical records. He described a situation where he (“Physician A”) had properly transferred a patient’s medical records to a new physician (“Physician B”). The patient then left Physician B to transfer to Physician C. Physician B was willing to transfer his own medical record for the patient to Physician C, but did not include the portion of the medical record provided by Physician A. Physician A was then required to provide his medical record to the patient again and wondered whether this was a common issue

By: Melissa Clark, CCS-P, RT - CEO
No Comments

How to Collaborate for EHR Usability

The number of health IT developers and products has increased significantly as a result of federal incentives for EHR adoption but correlates with the rise of provider dissatisfaction with the usability of these systems. What providers expect from their EHR systems and what health IT developers deliver have proved not to be one in the same. This disconnect points to the need for the latter to focus on the needs of the former and deliver EHR technology that is user-centered. Therefore, collaboration between health IT developers and clinical end-users is key to ensuring EHR systems are user-friendly in an industry rapidly adopting new technologies year after year to tackle new

By: Melissa Clark, CCS-P, RT - CEO
No Comments

Are Biometrics the Future of HIPAA Security?

Medical electronic health records, or EHRs for short, may have the potential to be much more secure than conventional records. That sounds like a bold claim in light of news about data breaches involving personal information. In fact, according to a report from the Identity Theft Resource Center and CyberScout, the number of tracked data breaches in the United States in 2016 hit an all-time high of 1,093. And still, more than 78% of doctors use EHRs, says the CDC. For medical professionals and the healthcare industry as a whole, keeping sensitive data secure and adhering to HIPAA regulations is a top priority. After all, EHRs can include years of

By: Melissa Clark, CCS-P, RT - CEO
No Comments

The Latest Details on HIPAA Compliance Audits

Deven McGraw, deputy director of the Department of Health and Human Services’ Office for Civil Rights has announced that the department’s plans for initiating onsite audits is currently on hold and will remain so until more than 200 desk audits have been completed. An article over on Data Breach Today gives us great detail on where HIPAA compliance audits stand with their enforcing agency. McGraw informed the HIMSS17 conference in February of the delay. We have decided that it makes a lot more sense to [first] take a look at all we had in the desk audit process and even prepare the overarching report to the public about how those

By: Melissa Clark, CCS-P, RT - CEO
No Comments

Is Your Practice Violating HIPAA Regulations?

Corpus Christi Medical Associates (CCMA), a family practice in Corpus Christi, Texas, has always found it difficult to comply with HIPAA’s privacy and security regulations. “We struggle to have enough resources to dedicate to the ever-changing environment,” said J. Stefan Walker, MD, a family medicine physician at CCMA. “There is always something new and regulations are constantly evolving. It’s a moving target, and cyber-liability is probably the greatest risk, added Walker.” Despite this sentiment, Walker was determined not to be one of the practices listed on the “Wall of Shame” webpage maintained by the Office for Civil Rights (OCR) at the U.S. Department of Health & Human Services. Practices are

By: Melissa Clark, CCS-P, RT - CEO
No Comments

Who’s Accessing Your Health Data?

Despite the fact that ransomware and hacking attacks draw the biggest headlines, it is actually improper insider access that causes the highest number of data breaches. Such are the results from the most recent Protenus “Breach Barometer,” which analyzes reported and sometimes not so publicly reported breaches in healthcare each month. For those who follow privacy and security in healthcare, the Protenus findings are not that surprising. Reports of inappropriate access by insiders are frequent and show a disturbing trend. Many of the reports allege that information was not used in any detrimental manner. Only that snooping occurred. However, there are two problems with that view. First, even small insider

By: Melissa Clark, CCS-P, RT - CEO
No Comments