There are preciously few days left for completing HIPAA compliance activities before the September 23rd enforcement deadline. Technically, all of the regulations are already in effect, but actual enforcement of the 2013 revisions don’t kick in until then. There are no clues to whether this deadline with kick off another round of OCR audits, but … Read more
The Dallas Star is reporting that a contractor for Texas Health Harris Methodist Hospital Fort Worth breached the HIPAA confidentiality of 277,000 patients when it failed to properly destroy microfiche records dating from 1980 to 1990. The microfiche films turned up in a community park. The report did not indicate just how the records came … Read more
Just a note to tell you that the HIPAA Deskbook is back online at Amazon. You can access it through the Publications link on this site.
Do you know whether your server firewall is on? Well, somebody better know, or it could cost you a fine of $400,000 just like it cost the Idaho State University last month. The HIPAA fine was assessed by the Office of Civil Rights (OCR) for 17,500 patient records that were left exposed when the firewall … Read more
With fewer than 90 days left before all of the HIPAA revisions begin enforcement, Health Centers should be well on their way to compliance. If you are not, here are a quick dozen things you should get started on: Do an inventory of your PHI One of the major problems many facilities have is that … Read more
When Google, Apple, and other major players deny cooperating with the federal government and allowing access to their computers for PRISM’s massive data surveillance program, healthcare providers and business associates should not be re-assured. Either these players are issuing denials to cover their backsides, or they are admitting that the government is able to breach … Read more
Let’s face it, federal rules and regulations are too complicated for even the Feds to figure them out, so it should come as little surprise that the HIPAA regulations that went into effect in March 2013 have some errors. In a final regulation to clear up “technical errors”, the feds announced June 7 that the … Read more
A maintenance error that turned off a firewall on a computer server in one of 29 clinics in the Idaho State University healthcare system exposed more than 17,500 patient records for a period of 10 months. When the breach it was discovered in 2011, ISU self-reported to OCR as required by the HIPAA/HITECH data breach … Read more
In a prior post, I mentioned that my daughter was about to release a new reference book on HIPAA and predicted the release would come in April. Wrong. College classes and a social activity or two delayed completion until now, and in spite of my grousing about the delays, her Dean’s List performance did vindicate … Read more
While most folks have not taken the time to read the 561-page HIPAA amendment regulation that goes into effect later this month, there is one huge issue lurking there for hospitals and physicians that use on-line services that digitally transfer, use, or store personal health information (PHI). The new regulations make these folks Business Associates, … Read more