Medical Billing Blog: Section - HIPAA

Archive of all Articles in the HIPAA Section

This is the archive containing links to all articles written in the HIPAA section of our blog.

Click any of the article links below to read the entire article or browse another section to the right to read articles on another subject.

Understanding HIPAA’s Medical Record Transfer Rules

“I recently received an inquiry from a physician who was frustrated by patients returning to his practice multiple times seeking copies of the same medical records. He described a situation where he (“Physician A”) had properly transferred a patient’s medical records to a new physician (“Physician B”). The patient then left Physician B to transfer to Physician C. Physician B was willing to transfer his own medical record for the patient to Physician C, but did not include the portion of the medical record provided by Physician A. Physician A was then required to provide his medical record to the patient again and wondered whether this was a common issue

By: Melissa Clark, CCS-P, RT - CEO
No Comments

How to Collaborate for EHR Usability

The number of health IT developers and products has increased significantly as a result of federal incentives for EHR adoption but correlates with the rise of provider dissatisfaction with the usability of these systems. What providers expect from their EHR systems and what health IT developers deliver have proved not to be one in the same. This disconnect points to the need for the latter to focus on the needs of the former and deliver EHR technology that is user-centered. Therefore, collaboration between health IT developers and clinical end-users is key to ensuring EHR systems are user-friendly in an industry rapidly adopting new technologies year after year to tackle new

By: Melissa Clark, CCS-P, RT - CEO
No Comments

Are Biometrics the Future of HIPAA Security?

Medical electronic health records, or EHRs for short, may have the potential to be much more secure than conventional records. That sounds like a bold claim in light of news about data breaches involving personal information. In fact, according to a report from the Identity Theft Resource Center and CyberScout, the number of tracked data breaches in the United States in 2016 hit an all-time high of 1,093. And still, more than 78% of doctors use EHRs, says the CDC. For medical professionals and the healthcare industry as a whole, keeping sensitive data secure and adhering to HIPAA regulations is a top priority. After all, EHRs can include years of

By: Melissa Clark, CCS-P, RT - CEO
No Comments

The Latest Details on HIPAA Compliance Audits

Deven McGraw, deputy director of the Department of Health and Human Services’ Office for Civil Rights has announced that the department’s plans for initiating onsite audits is currently on hold and will remain so until more than 200 desk audits have been completed. An article over on Data Breach Today gives us great detail on where HIPAA compliance audits stand with their enforcing agency. McGraw informed the HIMSS17 conference in February of the delay. We have decided that it makes a lot more sense to [first] take a look at all we had in the desk audit process and even prepare the overarching report to the public about how those

By: Melissa Clark, CCS-P, RT - CEO
No Comments

Is Your Practice Violating HIPAA Regulations?

Corpus Christi Medical Associates (CCMA), a family practice in Corpus Christi, Texas, has always found it difficult to comply with HIPAA’s privacy and security regulations. “We struggle to have enough resources to dedicate to the ever-changing environment,” said J. Stefan Walker, MD, a family medicine physician at CCMA. “There is always something new and regulations are constantly evolving. It’s a moving target, and cyber-liability is probably the greatest risk, added Walker.” Despite this sentiment, Walker was determined not to be one of the practices listed on the “Wall of Shame” webpage maintained by the Office for Civil Rights (OCR) at the U.S. Department of Health & Human Services. Practices are

By: Melissa Clark, CCS-P, RT - CEO
No Comments

Who’s Accessing Your Health Data?

Despite the fact that ransomware and hacking attacks draw the biggest headlines, it is actually improper insider access that causes the highest number of data breaches. Such are the results from the most recent Protenus “Breach Barometer,” which analyzes reported and sometimes not so publicly reported breaches in healthcare each month. For those who follow privacy and security in healthcare, the Protenus findings are not that surprising. Reports of inappropriate access by insiders are frequent and show a disturbing trend. Many of the reports allege that information was not used in any detrimental manner. Only that snooping occurred. However, there are two problems with that view. First, even small insider

By: Melissa Clark, CCS-P, RT - CEO
No Comments

Managing HIPAA Risk with Outside Consultants

The rising complexity of healthcare, particularly as it relates to providers’ growing technical needs, is increasingly prompting healthcare organizations to seek the help of outside consultants. In engagements with healthcare entities, thought IT consultants try to minimize interaction with patient data, they often have access to protected health information (PHI). When working with HIPAA Covered Entities, consultants are treated as “business associates” and are required to comply with Privacy Rules designed to protect PHI. Managing HIPAA compliance when engaging outside consultants requires that consultants enter into a Business Associate Agreement (BAA). The BAA must: Describe the permitted and required uses of PHI by the business associate in the context of

By: Melissa Clark, CCS-P, RT - CEO
No Comments