HIPAA Blog Posts: HIPAA HITECH Act

100th HIPAA HITECH Blog: How To Manage Your Business Associates and Sub-Contractors

The major shift has been the law firms acknowledging that covered entities are responsible for their business associates and their sub-contractors. Compliance Helper has developed the Compliance Meter™ and The Compliance CO-OP for effectively managing BAs and Subs.

Small Insurance Agent Gets HIPAA Compliant with The Compliance CO-OP

"I know each month when I get my compliance meter (monthly report card) that I have done all I can do to be HIPAA compliant for that month. At the end of the day, if there is a breach or the Department of Health and Human Services knocks on your door and asks you to prove you are in compliance with HIPAA/HITECH, I can, without a doubt, prove that I am in compliance." Burman Clark, Muneris Benefits

"PHI warnings" in communications -- a potential source of unintended security breach? Fox Rothschild LLP

"Finally, if PHI is sent to a recipient prior to the parties’ execution of a compliant BAA and implementation of policies and procedures to protect PHI properly, a PHI Warning is unlikely to mitigate the liability of the sender (or recipient) for a security breach under HIPAA/HITECH."

HIPAA Violations Not Always Due to Patient Data Breaches

You don't have to have a patient data breach to be guilty of HIPAA violations.  If you don't have a compliant privacy and security program in place today you are probably already in breach of HIPAA rules.

HIPAA HITECH Compliance in 2 Hours a Week: The Compliance CO-OP

With a personal Helper answering your questions, an investment of 2 hours a week, and at a cost under $500 per year, your small (1-5 employees) company can be on the path to HIPAA HITECH compliance.

HIPAA Medical data breaches most often caused by theft

An analysis of HHS information finds the biggest security leaks come from stolen laptops and removable memory technology. The take-home message: Keep devices locked up. By Pamela Lewis Dolan, amednews staff. Posted Sept. 3, 2010.

HIPAA Violations with Paper Records by Business Associate and Sub-Contractor

Four Massachusetts community hospitals are investigating how thousands of patient health records, some containing Social Security numbers and sensitive medical diagnoses, ended up in a pile at a public dump.  The unshredded records included pathology reports with patients’ names, addresses, and results of breast, bone, and skin cancer tests, as well as the results of lab work following miscarriages.  By Liz Kowalczyk Globe Staff / August 13, 2010

Information Security and Privacy Compliance Work Plan by Rebecca Herold, The Privacy Professor

The following is a high-level work plan to create an information security and privacy program to meet compliance with HIPAA, HITECH and other regulatory and contractual requirements. The areas listed will vary depending upon the organization’s business model, size, number of geographic locations, other applicable legal requirements, and any other unique factors. Each organization should use this as a starting point and change appropriately for its own unique business situation.

Business Associates Must Comply with Their HIPAA Contracts, Now!

"Holding a business associate contractually liable, not only for improper uses and disclosures of PHI, but also for compliance with all other requirements of the Privacy Rule that pertain to the performance of the business associate's contract"  Reinhart Boerner Van Deuren SC

44% of CIOs say Business Associates Not Ready for "Meaningful Use": PricewaterhouseCoopers Study Shows

44% of CIOs say they are concerned that the external vendors they rely on in health information exchanges are not prepared for meaningful use implementation, according to a survey done by PricewaterhouseCoopers.
