Author: Gallagher, Lisa; Yale, Ken

Source: In Confidence (newsletter)

Publication Date: August 02, 2003

The HIPAA privacy rule requires that a covered entity (CE) institute appropriate administrative, technical, and physical measures to reasonably safeguard the privacy of protected health information (PHI). In order to keep information “private,” it must be kept safe or secure. Therefore, logic....

Author: Lewis, Sharon; McLendon, Kelly

Source: Journal of AHIMA

Publication Date: October 2015

HIPAA uses the term “satisfactory assurances” four times in the text of its Privacy and Security Rules. Each time the statement is used it describes a covered entity’s (CE) responsibility to obtain satisfactory assurances from a business associate who creates, receives, maintains, or tran....

Author: National Committee on Vital and Health Statistics (NCVHS)

Source: Government (U.S.)

Publication Date: April 24, 2008

Author: National Committee on Vital and Health Statistics (NCVHS)

Source: Government (U.S.)

Publication Date: December 19, 2007

Author: Dimick, Chris

Source: Journal of AHIMA

Publication Date: February 2010

The movement to give patients better access to and control of their health information is giving HIM a new customer: the patient. That requires a shift in both operations and culture.

HIM, MEET THE new patient.

While a simple release of information on paper might have once....

Author: Hagland, Mark

Source: Journal of AHIMA

Publication Date: February 2004

New technologies are enhancing the ability to protect patient information. But there’s more to successful implementation than just what’s inside the box.

Melanie Schattauer, RHIA, Jack Obert, and their colleagues at Mercy St. John’s Health System in Springfield, M....

Author: Choy, Angela; Pritts, Joy; Goldman, Janlori

Source: Journal of AHIMA

Publication Date: May 2002

E-health—from basic health information Web sites to online consultations—is flourishing. And though the government is trying to protect consumers under the HIPAA privacy rule, many Web sites aren’t covered. In this article, privacy experts explain which Web sites are covered an....

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: September 2003

Direct caregivers have long been concerned about balancing patient protections with “customer” relations: Who do you talk to and how much do you tell? This was an issue long before HIPAA, and has only become more complex with HIPAA. And while HIPAA provides guidance, there are still....

Author: U.S. Department of Health and Human Services

Source: Government (U.S.)

Publication Date: December 16, 2008

Author: Jones, Rhys W.

Source: In Confidence (newsletter)

Publication Date: January 02, 2001

Background


The Health Insurance Portability and Accountability Act (HIPAA) and its related transaction, security, and privacy regulations apply directly to certain entities, but not to all recipients of health information. The regulations define three classes of “covered enti....

Author: Roach, Michael C.

Source: In Confidence (newsletter)

Publication Date: September 02, 2002

Part two in a two-part series
This is the second of two articles on the subject of HIPAA preemption of state privacy law. This article will discuss some practical effects of the preemption rules and where covered entities might turn for assistance in addressing the question of preemptio....

Author: Roach, Michael C.

Source: In Confidence (newsletter)

Publication Date: August 02, 2002

Part one in a two-part series
This is the first of two articles on the subject of HIPAA preemption of state privacy law. This article will explain the provisions of the HIPAA regulations regarding preemption. In the September issue we will discuss some practical effects of the preemptio....

Author: Burrington-Brown, Jill

Source: Journal of AHIMA

Publication Date: October 2004

When covered entities implemented the HIPAA privacy rule more than a year ago, the intention was to strengthen patient privacy protection and improve provider access to information, thereby improving quality of care. At times that can be a difficult balancing act.

The mainstream and....

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: April 2001

The qualifying "perhaps" recognizes that today, more than ever before, information flows through our organizations at lightning speed. More people within an organization can easily print healthcare documents, automatically send a fax, and e-mail attachments. The risk of even well-int....

Author: Washington, Lydia; Katsh, Ethan; Sondheimer, Norman

Source: Journal of AHIMA

Publication Date: November 2009

Healthcare providers receive relatively few patient requests to correct or change information in their records. In part, that has been because patients had poor access to their information. EHRs, PHRs, and private and public initiatives may change all that. Is healthcare ready?

A per....

Author: Nicholson, Ruby E.

Source: Journal of AHIMA

Publication Date: February 2002

For HIM professionals in behavioral health settings, the HIPAA privacy regulations pose a downright dilemma. Here’s why.


The privacy rule defines psychotherapy notes as:


Notes recorded in any medium by a mental health professional documenting or analyzing....

Author: White, Susan E

Source: Journal of AHIMA

Publication Date: April 2013

One of the newest buzz words in data analytics is “Big Data,” and the data created through the healthcare industry is some of the “biggest” around. The widespread implementation of electronic health records (EHRs) and the need to share data to measure quality and ma....

Author: Hughes, Gwen

Source: AHIMA practice brief | Journal of AHIMA

Publication Date: January 2003

This practice brief has been updated. See the latest version here. This version is made available for historical purposes only.

Author: Wheatley, Victoria

Source: Journal of AHIMA

Publication Date: February 2004

Whatever happened to the unique health identifier for individuals (UHI)? The UHI was one of four identifiers included in HIPAA. In July 1998 the Department of Health and Human Services (HHS) and the former Health Care Financing Administration (now the Centers for Medicare and Medicaid Services....

Author: Cerda, Clarissa; Fernandes, Lorraine M.

Source: AHIMA Convention

Publication Date: September 23, 2002

Author:

Source: In Confidence (newsletter)

Publication Date: August 09, 2002

Author: Ruano, Michael

Source: In Confidence (newsletter)

Publication Date: June 02, 2003

Part four in a 10-part series.
This article is the fourth of a 10-part series that introduces the domains of information security and relates them to federal HIPAA regulations. The information security domain of cryptography is probably the most complex and mathematical of all the domai....

Author: Gellman, Robert

Source: Journal of AHIMA

Publication Date: October 2006

In the past year there have been some surprising twists in the interpretation of HIPAA’s criminal penalty. This article reviews current views of the penalty and considers the effect on sanctions for healthcare workers who fail to comply with health privacy policies.
The Statute and....

Author: Hughes, Gwen

Source: Journal of AHIMA

Publication Date: October 2002

Many HIM professionals will be called upon to perform an extraordinary feat during the next six months. They will be asked to bring one or more organizations into compliance with the HIPAA privacy rule by April 14, 2003. While this task is challenging in organizations that began such efforts a....

Author: Rozen, Michael J.

Source: In Confidence (newsletter)

Publication Date: December 02, 2002

Consumers and patients are becoming increasingly and justifiably worried about the confidentiality of their personal information. Cases of prominent disclosures recently highlighted by the media have heightened the fear of abuse and discrimination from inappropriate disclosure of protected he....

Author: Ingram-Muhammad, Sybil

Source: Journal of AHIMA

Publication Date: February 2002

How far along the road to compliance with the HIPAA privacy regulation is your organization? This article tells you the steps you should be taking to get in compliance by the April 2003 deadline.

It is February 2002—14 months before your organization has to be compliant with th....

Author: Dunn, Rose T

Source: Journal of AHIMA

Publication Date: January 2003

Author: Hjort, Beth M.

Source: In Confidence (newsletter) | AHIMA Q and A

Publication Date: September 02, 2001

Q: I understand that HIPAA’s privacy rule sets up expectations for covered entities to help ensure that protected health information disclosed to business associates is restricted for redisclosure. How can covered entities control them?
A: The Department of Health and Human Services rea....

Author: Hjort, Beth M.

Source: AHIMA practice brief

Publication Date: October 2002

This practice brief appendix has been retired. It is made available for historical purposes only.

Author: Hughes, Gwen

Source: AHIMA practice brief | Journal of AHIMA

Publication Date: May 2001

This practice brief appendix has been updated. See the latest version here. This version is made available for historical purposes only.

Author: Asmonga, Donald D.

Source: In Confidence (newsletter)

Publication Date: February 02, 2003

2002 Legislative Highlights

2002 was a busy year for privacy legislation. From the privacy advocates voicing legitimate concerns about protecting an individual’s most sensitive information to health industry representatives explaining their need for information to provide quality....

Author: Hutchins, Sheri

Source: Journal of AHIMA

Publication Date: November 2007

Nearly five years after its implementation, HIPAA’s minimum necessary standards continue to be problematic for many organizations. A recent report released by the Agency for Healthcare Research and Quality confirms the ongoing confusion over interpretation of the requirement.1

....

Author: U.S. Substance Abuse and Mental Health Services Administration. Center for Substance Abuse Treatment

Source: Government (U.S.)

Publication Date: June 04, 2004

Author: Halpert, Aviva M.

Source: Journal of AHIMA

Publication Date: May 2008

An HIM department’s disaster management plan is an iterative process with four identifiable phases that cycle continuously: plan development, back-up, recovery, and interim management. The first part of this series in the April 2008 issue provided an overview of plan development, data ba....

Author: Halpert, Aviva M.

Source: Journal of AHIMA

Publication Date: April 2008

Disaster management for an HIM department is an iterative process with four identifiable phases that cycle continuously: plan development, back-up, recovery, and interim management. In subsequent iterations of the cycle, plan re-evaluation replaces plan development.

Regardless of wh....

Author: Amatayakul, Margret; Johns, Merida L.

Source: Journal of AHIMA

Publication Date: November 2002

Depending on how you count them, there are anywhere from 20 to 60 new policies, procedures, forms, and other related documents required by HIPAA. Its training requirements specify that all members of the work force must be trained on policies and procedures with respect to protected health inf....

Author: Dimick, Chris

Source: Journal of AHIMA

Publication Date: April 2015

The spiders of time have been hard at work on the US healthcare privacy and security rules, to the point that their place in health IT interoperability has become fogged and is inhibiting their proper role in the meaningful exchange of health information, according to Lucia Savage, JD, th....

Author: U.S. Federal Communications Commission

Source: Government (U.S.)

Publication Date: July 07, 2004

The FCC clarifies that the use of Telecommunications Relay Services to facilitate telephone calls between health care professionals and patients does not violate the HIPAA Privacy Rule.

Author: U.S. Department of Health and Human Services

Source: Federal Register

Publication Date: September 15, 2004

Author: Brandt, Mary D.

Source: AHIMA sample form

Publication Date: June 14, 2005

Author: Downing, Kathy; McLendon, Kelly

Source: Journal of AHIMA

Publication Date: November 2013

Accounting of disclosures (AOD) is one "patient right" listed within the HIPAA Privacy Rule. Since the rules were implemented in 2003, AOD has been a topic of much discussion but has not generated much regulatory action from the US Department of Health and Human Services' (HHS) Office for....

Author: Dougherty, Michelle

Source: Journal of AHIMA

Publication Date: April 2002

In recent months, anthrax outbreaks and concern over bioterrorism threats have created a greater need for the US to have a system to monitor and report public health information in a timely manner. The Centers for Disease Control and Prevention (CDC) are developing standards for a new approach....

Author: Weintraub, Abner E.

Source: Journal of AHIMA

Publication Date: May 2003

With the April 14 HIPAA privacy deadline behind us, many covered entities are still struggling to become compliant. Limited budgets and staff, conflicting advice, and unforeseen delays have all conspired to keep many covered entities from meeting the deadline.


What do you tell....

Author: Dimick, Chris

Source: Journal of AHIMA

Publication Date: August 2009

In California, teasing apart state and federal breach notification laws highlights the challenges organizations everywhere face in determining their responsibilities under ARRA’s new privacy regulations.

Within healthcare organizations, the temptation for some staff can be great: wh....

Author: Dunn, Rose T

Source: Journal of AHIMA

Publication Date: May 2003

The privacy rule allows a covered entity to charge a cost-based fee for providing an accounting of disclosure (AOD). Has your organization determined these costs? Calculating the actual costs may be more involved than you think. This article will discuss the requirements for setting the fee an....

Author: Butler, Mary

Source: Journal of AHIMA - website

Publication Date: April 2014

The HITECH-HIPAA Final Rule has changed the way healthcare organizations do business, and those with seats in the C-suite can’t afford to stay out of the weeds with the new regulations.


Daniel Solove, founder of the HIPAA training firm TeachPrivacy, and law professor at....

Author: Bowen, Rita K.

Source: Journal of AHIMA - website

Publication Date: April 2013

The HIPAA Omnibus Rule, the new Final Rule modifying HIPAA, was published in the Federal Register on January 25, 2013. The amended rule went into effect on March 26 and full compliance is expected by September 23. For HIM professionals, the most far-reaching of the changes to HIPAA is that....

Author: Nass, Sheryl J.; Levit, Laura A.; Gostin, Lawrence O.; Institute of Medicine; National Academies Press

Source: External web site

Publication Date: January 09, 2009

Author: Tomes, Jonathan P.

Source: Journal of AHIMA - website

Publication Date: January 2014

This is the third installment in a three-part article series on avoiding liability for breaches by business associates. This article will discuss adjustments needed in the business associate relationship, as well as ongoing strategies for adapting to the recent changes.
....

Author: McLendon, Kelly

Source: Journal of AHIMA

Publication Date: March 2012

There has been a lack of enforcement of the privacy and security rules ever since HIPAA's inception. As such the adoption of comprehensive HIPAA compliance programs has lagged behind EHR development and implementation.

This in turn has caused little funding to be budgeted by provide....