Medical Billing Blog: Section - HIPAA

Archive of all Articles in the HIPAA Section

This is the archive containing links to all articles written in the HIPAA section of our blog.


Are Biometrics the Future of HIPAA Security?

Medical electronic health records, or EHRs for short, may have the potential to be much more secure than conventional records. That sounds like a bold claim in light of news about data breaches involving personal information. In fact, according to a report from the Identity Theft Resource Center and CyberScout, the number of tracked data breaches in the United States in 2016 hit an all-time high of 1,093. And still, more than 78% of doctors use EHRs, says the CDC. For medical professionals and the healthcare industry as a whole, keeping sensitive data secure and adhering to HIPAA regulations is a top priority. After all, EHRs can include years of

Published By: Melissa Clark, CCS-P

The Latest Details on HIPAA Compliance Audits

Deven McGraw, deputy director of the Department of Health and Human Services’ Office for Civil Rights, has announced that the department’s plans for initiating onsite audits are currently on hold and will remain so until more than 200 desk audits have been completed. An article over on Data Breach Today gives us great detail on where HIPAA compliance audits stand with their enforcing agency. McGraw informed the HIMSS17 conference in February of the delay. “We have decided that it makes a lot more sense to [first] take a look at all we had in the desk audit process and even prepare the overarching report to the public about how those

Published By: Melissa Clark, CCS-P

Is Your Practice Violating HIPAA Regulations?

Corpus Christi Medical Associates (CCMA), a family practice in Corpus Christi, Texas, has always found it difficult to comply with HIPAA’s privacy and security regulations. “We struggle to have enough resources to dedicate to the ever-changing environment,” said J. Stefan Walker, MD, a family medicine physician at CCMA. “There is always something new and regulations are constantly evolving. It’s a moving target, and cyber-liability is probably the greatest risk,” added Walker. Despite this sentiment, Walker was determined not to be one of the practices listed on the “Wall of Shame” webpage maintained by the Office for Civil Rights (OCR) at the U.S. Department of Health & Human Services. Practices are

Published By: Melissa Clark, CCS-P

Who’s Accessing Your Health Data?

Despite the fact that ransomware and hacking attacks draw the biggest headlines, it is actually improper insider access that causes the highest number of data breaches. Such are the results from the most recent Protenus “Breach Barometer,” which analyzes reported and sometimes not so publicly reported breaches in healthcare each month. For those who follow privacy and security in healthcare, the Protenus findings are not that surprising. Reports of inappropriate access by insiders are frequent and show a disturbing trend. Many of the reports allege that information was not used in any detrimental manner, only that snooping occurred. However, there are two problems with that view. First, even small insider

Published By: Melissa Clark, CCS-P

Managing HIPAA Risk with Outside Consultants

The rising complexity of healthcare, particularly as it relates to providers’ growing technical needs, is increasingly prompting healthcare organizations to seek the help of outside consultants. In engagements with healthcare entities, though IT consultants try to minimize interaction with patient data, they often have access to protected health information (PHI). When working with HIPAA Covered Entities, consultants are treated as “business associates” and are required to comply with Privacy Rules designed to protect PHI. Managing HIPAA compliance when engaging outside consultants requires that consultants enter into a Business Associate Agreement (BAA). The BAA must: Describe the permitted and required uses of PHI by the business associate in the context of

Published By: Melissa Clark, CCS-P