Author: Wiedemann, Lou Ann

Source: Journal of AHIMA

Publication Date: April 2017

Editor’s Note: The following is an excerpt from the new “External HIPAA Audit Readiness Toolkit” developed by AHIMA. The full toolkit is free for AHIMA members.


THE HITECH OMNIBUS Rule mandated that the US Department of Health and Human Services (HHS) condu....

Author: Barrett, Charlotte S; Beidler, Aurae; Davis, Nancy; Glondys, Barbara

Source: Journal of AHIMA

Publication Date: November 2016

Developing policies and standard procedures when working with patient aliases is one way to both respect patient privacy but also ensure the accuracy and integrity of patient data.


As defined in AHIMA’s Pocket Glossary, an “alias” is “a name added to,....

Author: AHIMA Work Group

Source: AHIMA practice brief

Publication Date: October 2016

This update supersedes the November 2013 practice brief, Guidelines for a Compliant Business Associate Agreement.



The Privacy Rule portion of the Health Insurance Portability and Accountability Act (HIPAA) defines a "business associate (BA) as a person or entity that performs....

Author: Saharia, Devendra

Source: Journal of AHIMA

Publication Date: April 2016

Disruptive technology can turn any industry on its head—virtually overnight. Just five years ago, summoning a taxi was an inefficient, time-consuming effort that often involved dialing up a dispatcher, who contacted a driver, who would then make their way to your location, perhaps in an h....

Author: Brinda, Danika

Source: Journal of AHIMA

Publication Date: January 2016

Stories about workforce members inappropriately accessing health information continue to plague the Department of Health and Human Services’ Data Breach Portal—which lists US provider data breaches that affect more than 500 individuals. Recently two data breaches reported on th....

Author: Lucci, Susan; Walsh, Tom

Source: Journal of AHIMA

Publication Date: November 2015

One of the most alarming statistics in the news, which is growing with intent and severity, is the prevalence of cyber-attacks, particularly in healthcare. It is an alarming trend that has gained a good deal of attention. For example, in July 2015, UCLA reported that up to 4.5 million pati....

Author: Lewis, Sharon; McLendon, Kelly

Source: Journal of AHIMA

Publication Date: October 2015

HIPAA uses the term “satisfactory assurances” four times in the text of its Privacy and Security Rules. Each time the statement is used it describes a covered entity’s (CE) responsibility to obtain satisfactory assurances from a business associate who creates, receives, maintains, or tran....

Author: Butler, Mary

Source: Journal of AHIMA

Publication Date: April 2015

In movies and on television lately, Hollywood has made encryption and decryption look exciting, glamorous, and world-saving. The film The Imitation Game and the BBC show The Bletchley Circle chronicle how British code breakers decrypted military strategy codes from the Nazi encryption tool....

Author: Asmonga, Donald D.

Source: Journal of AHIMA

Publication Date: January 2015

The wait for the second round of mandated privacy and security audits from the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) continues. OCR is currently working through final details for the revised audit plan as they await finalization of new technolog....

Author: Cacciatore, Victoria; Downing, Katherine

Source: Journal of AHIMA

Publication Date: July 2014

Criminal attacks on healthcare systems have risen 100 percent since 2010, according to a recent Ponemon study.1 This makes it obvious that the privacy and security of patient health information is vulnerable and highly susceptible to data breach. The HIPAA Breach Notification Rule became e....

Author:

Source: Journal of AHIMA

Publication Date: May 2014

Many health information management (HIM) experts have wondered whether there is protected health information (PHI) on the black market. In short, the answer is “yes.” According to a 2012 Ponemon Institute study, 90 percent of healthcare organizations surveyed have had at least....

Author: Hicks, Andrew

Source: Journal of AHIMA

Publication Date: April 2014

Some healthcare business associates are still asking if HITECH-HIPAA impacts them. The answer is just as important to their affiliated healthcare providers.


Thousands of companies are now legally obligated to comply with the HITECH-HIPAA regulations because of their busines....

Author: Walsh, Tom

Source: AHIMA practice brief

Publication Date: November 2013

Editor’s note: This update replaces the January 2011 practice brief “Security Risk Analysis and Management: An Overview.”


Managing risks is an essential step in operating any business. It’s impossible to eliminate all threats; however, healthcare organizati....

Author: AHIMA

Source: AHIMA practice brief

Publication Date: November 2013

This 2013 practice brief version has been retired and is retained here for historical purposes. Read the 2016 updated version of this Practice Brief here.



The Privacy Rule portion of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 defines a "business....

Author: Miaoulis, William M

Source: AHIMA practice brief

Publication Date: November 2013

Editor’s note: This update replaces the April 2004 and the November 2010 practice briefs titled “A HIPAA Security Overview.”


The HIPAA security rule has remained unchanged since its implementation more than a decade ago. However, the Health Information Technology for Economic a....

Author: Downing, Kathy; Lucci, Susan; Lerch, Diane M

Source: AHIMA practice brief

Publication Date: October 2013

Editor's note: This update replaces the November 2010 practice brief "HIPAA Privacy and Security Training."


On January 25, 2013, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published the long-awaited Health Insurance Portability and Accoun....

Author: Warner, Diana

Source: Journal of AHIMA

Publication Date: April 2013

The HITECH Act’s omnibus HIPAA modification final rule, released January 25, 2013, finalized sweeping changes to privacy and security regulations. Though much of the proposed rule was adopted, the omnibus rule included major changes made to the “harm threshold” standard i....

Author: Solove, Daniel J

Source: Journal of AHIMA

Publication Date: April 2013

How HIPAA has performed overall as a privacy law is open to interpretation, but most agree it has had a wide-reaching impact on the healthcare industry. In comparison to the dozens of federal privacy laws for various industries, HIPAA is one of the most comprehensive and detailed. 

Author: AHIMA

Source: AHIMA regulation analysis

Publication Date: January 25, 2013

Author: U.S. Office for Civil Rights

Source: U.S. Department of Health & Human Services | U.S. Office for Civil Rights

Publication Date: January 2013

Rule modifies HIPAA by implementing statutory amendments under HITECH to strengthen the privacy and security protection for individuals’ health information; modifies the Breach Notification Rule under the HITECH Act, modifes the HIPAA Privacy Rule to strengthen the privacy protections for genetic information and makes certain other modifications to the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (the HIPAA Rules) to improve their workability and effectiveness and to increase flexibility for and decrease burden on regulated entities.

Author: Greene, Adam H

Source: Journal of AHIMA

Publication Date: April 2012

The HIPAA privacy and security rules need not act as an obstacle to efficient communications, but keeping texting compliant requires planning and diligence.

Text (or SMS) messaging has become nearly ubiquitous on mobile devices. According to one survey, approximately 72 perce....

Author: Tomes, Jonathan P.

Source: Journal of AHIMA

Publication Date: March 2012

HHS's renewed interest in auditing for compliance is a good reminder to covered entities to ensure their privacy and security programs are up to date.

The Department of Health and Human Services' (HHS) announcement of a new program to audit compliance with the HIPAA priva....

Author: McLendon, Kelly

Source: Journal of AHIMA

Publication Date: March 2012

There has been a lack of enforcement of the privacy and security rules ever since HIPAA's inception. As such the adoption of comprehensive HIPAA compliance programs has lagged behind EHR development and implementation.

This in turn has caused little funding to be budgeted by provide....

Author: Dimick, Chris

Source: Journal of AHIMA

Publication Date: February 2012

The HIPAA transaction standards-meant to streamline financial and administrative transactions-have instead devolved into a kind of free-for-all. Now the first operating rules are in hand to standardize use of the standards and gain the efficiencies originally intended.

When it....

Author: Greene, Adam H

Source: Journal of AHIMA

Publication Date: October 2011

Now Is the Time to Review Security Policies and Procedures

In June 2011 the Department of Health and Human Services awarded KPMG a $9.2-million contract to create an audit protocol and audit organizational compliance with the HIPAA privacy and security requirements.1 The co....

Author: AHIMA

Source: AHIMA

Publication Date: September 21, 2011

Author: Rode, Dan

Source: Journal of AHIMA

Publication Date: June 2011

The theme of this month's Journal is very timely on two accounts. First, the process for implementing ICD-10-CM/PCS is heating up as the industry is now six months from what many consider the first national milestone: the January 2012 compliance deadline for the HIPAA 5010 transaction upgrade.....

Author: AHIMA

Source: AHIMA practice brief

Publication Date: March 2011

This practice brief has been updated. See the latest version here. This version is made available for historical purposes only.

Author: Wiedemann, Lou Ann

Source: Journal of AHIMA

Publication Date: March 2011

Managing third-party requests for health information is a routine function for every HIM department. HIM professionals regularly receive record requests from third parties for a variety of reasons, such as revenue integrity audits or admission validation reviews.

Historically, fulfi....

Author: Asmonga, Donald D.

Source: Journal of AHIMA

Publication Date: February 2011

The second session of the 111th Congress began with the Democrats in firm control of the House and Senate. Working from their position of power enabled the Democrats to pass healthcare reform.

Although Congress was mired in contentious debates, AHIMA still advocated for its public po....

Author: Walsh, Tom

Source: AHIMA practice brief

Publication Date: January 2011

This practice brief has been updated. See the latest version here. This version is made available for historical purposes only.

Author: Bowman, Sue E; Leon-Chisen, Nelly

Source: Journal of AHIMA

Publication Date: January 2011

The ICD-10-CM/PCS final rule requires HIPAA covered entities adopt the ICD-10-CM and ICD-10-PCS code sets by October 1, 2013. Adoption is not required for noncovered entities such as property and casualty insurance health plans, workers' compensation programs, and disability insurance programs....

Author: AHIMA

Source: AHIMA practice brief

Publication Date: November 2010

This practice brief has been retired. It is made available for historical purposes only.

Author: AHIMA

Source: AHIMA practice brief

Publication Date: November 2010

This practice brief has been updated. See the latest version here. This version is made available for historical purposes only.

Author:

Source: AHIMA Advantage

Publication Date: October 2010

Author: AHIMA

Source: AHIMA practice brief attachment

Publication Date: October 2010

On January 16, 2009, the Department of Health and Human Services released final rules to adopt X12 Version 5010 claim form of HIPAA's Transaction and Code Set Standard and ICD-10-CM and ICD-10-PCS. Healthcare organization must implement version 5010 by January 1, 2012. The implementation deadli....

Author: Dimick, Chris

Source: Journal of AHIMA

Publication Date: September 2010

The calendar is marching steadily toward October 2013, when all healthcare organizations must begin submitting claims using the ICD-10-CM and ICD-10-PCS code sets. Much needs to be done in making the transition, and healthcare organizations should have taken major steps in their preparation al....

Author: Amatayakul, Margret

Source: U.S. National Committee for Vital and Health Statistics

Publication Date: July 11, 2010

Author: Hjort, Beth M.; Rhodes, Harry B.

Source: Journal of AHIMA

Publication Date: June 2010

When ARRA extended sections of the HIPAA privacy and security rules to cover business associates (BAs), it created a seismic shift in their contractual relationships with covered entities (CEs). Further, the changes became effective simultaneous with other ARRA amendments that require CEs and....

Author: Moynihan, Jim

Source: Journal of AHIMA

Publication Date: January 2010

Vendors will bear the brunt of work tied to the industry’s migration to version 5010 of the X12 HIPAA transaction standards. However, providers are responsible for identifying their systems in need of upgrade, getting software installed and tested, and training staff in new functionalities. Wh....

Author: Rode, Dan

Source: Journal of AHIMA

Publication Date: January 2010

Last year saw movement on major HIM issues, starting in January with the publication of the ICD-10-CM/PCS final rule. This was quickly followed by the American Recovery and Reinvestment Act (ARRA), which has dominated healthcare discussions all year, matched only by the healthcare reform d....

Author: Dinh, Angela K.

Source: Journal of AHIMA

Publication Date: September 2009

In 2008 the Centers for Medicare and Medicaid Services (CMS) conducted 10 HIPAA security assessments in covered entities (CEs) nationwide. CMS’s stated purpose was not to identify flaws but to gain a true understanding of industry compliance with the HIPAA security rule.

CMS co....

Author: Rode, Dan

Source: AHIMA regulation analysis

Publication Date: February 02, 2009

Author: Rode, Dan

Source: AHIMA regulation analysis

Publication Date: February 02, 2009

Author: U.S. Office of the National Coordinator for Health Information Technology; U.S. Office for Civil Rights

Source: Government (U.S.)

Publication Date: December 16, 2008

Author: U.S. Department of Health and Human Services. Office of the Inspector General

Source: Government (U.S.)

Publication Date: October 27, 2008

Author: Scholl, Matthew; Stine, Kevin; Hash, Joan; Bowen, Pauline; Johnson, Arnold; Smith, Carla; Steinberg, Daniel

Source: Government (U.S.)

Publication Date: October 24, 2008

Author: U.S. Department of Health and Human Services. Office of the Secretary

Source: Government (U.S.)

Publication Date: August 22, 2008

Author: Dinh, Angela K.

Source: External - used with permission

Publication Date: May 02, 2008

This article, written by an AHIMA HIM Practice Director and published in the Journal of Healthcare Compliance (May/June 2008) offers six tips to help organizations stay current, strive for compliance, and prepare for the future.

Author: U.S. Centers for Medicare & Medicaid Services

Source: Government (U.S.)

Publication Date: May 02, 2008

Author: National Committee on Vital and Health Statistics (NCVHS)

Source: Government (U.S.)

Publication Date: April 24, 2008

Author: Adler, M. Peter

Source: Journal of AHIMA

Publication Date: April 2008

Privacy and security are meant to work in tandem—so why have they grown up apart? An organization that coordinates its compliance efforts can maximize resources and increase effectiveness.



Several years have passed since the compliance deadlines for the HIPAA....

Author: National Committee on Vital and Health Statistics (NCVHS)

Source: Government (U.S.)

Publication Date: December 19, 2007

Author: U.S. Centers for Medicare & Medicaid Services

Source: Government (U.S.)

Publication Date: December 10, 2007

Author: Adler, M. Peter

Source: Journal of AHIMA

Publication Date: November 2007

Remember the mad scramble to create a compliance plan before the HIPAA security rule deadline? It’s time to revisit that plan.



Publication of the HIPAA security rule created a flurry of discussions, debate, and activity as healthcare professionals grappled wi....

Author: AHIMA Privacy and Security Practice Council

Source: Journal of AHIMA

Publication Date: July 2007

Working from home has become a common practice as organizations try to maximize the number of productive work hours in a day. A plethora of new portable devices and Web-based technology enables this option by providing off-site access to work-based applications and facilitating the transp....

Author: Amatayakul, Margret; Work, Mitch

Source: Journal of AHIMA

Publication Date: May 2007

Survey results illustrate HIM participation in compliance efforts and offer a look at common program components
HIM professionals have long been at the forefront of ensuring the privacy and confidentiality of health information. With the introduction of the HIPAA privacy and security rul....

Author: U.S. Centers for Medicare & Medicaid Services

Source: Government (U.S.)

Publication Date: January 03, 2007

Author: AHIMA

Source: AHIMA report

Publication Date: April 19, 2006

This third annual survey looks at how well the industry is maintaining HIPAA privacy and security compliance as a part of the normal course of business as it moves further away from the implementation deadlines.

Author: Brick, Frank

Source: Journal of AHIMA

Publication Date: April 2006

Computer systems are feeling the effects of HIPAA. That's because the act's privacy and security rules require covered entities to securely store and manage more data than ever before. The latest computers to feel the effect are those in small covered entities, where the security rule takes ef....

Author: Rhodes, Harry B.

Source: Journal of AHIMA

Publication Date: February 2006

Although we’ve made progress in advancing the EHR initiative, we continue to struggle with data content management. The data content management crisis is not unique to healthcare, according to Ruth Stanat, global business consultant. All businesses—not just healthcare—are &l....

Author: Rode, Dan

Source: AHIMA testimony and comments

Publication Date: January 20, 2006

January 20, 2006
Honorable Michael O. Leavitt
Secretary
Department of Health and Human Services
CMS-0050-P
Hubert H. Humphrey Building
Room 445-G
200 Independence Avenue, SW
Washington, DC 20201
Re: HIPAA Administrative Simplification: Standards for E....

Author: Harford, Joseph P.; Rizzo, Karen

Source: Journal of AHIMA

Publication Date: January 2006

One of the many challenges of the HIPAA age is handling the millions of outdated computers and associated peripheral devices. Once a back-burner issue, computer disposal is now front and center in the healthcare industry. The need to secure a health organization’s network goes well beyon....

Author: Having, Karen; Davis, Diane C.

Source: Perspectives in Health Information Management

Publication Date: November 2005

Abstract


In January 2004, a random sampling of 1,000 U.S. hospitals was surveyed by researchers at a midwestern university to determine perceived level of compliance with the security requirements of the federal Health Insurance Portability and Accountability Act (HIPAA). Exa....

Author: Chitvanni, Norma; Corbosiero, Amy ; Raymond, Jacqueline; Robbins, Shari; Shaw, Donna

Source: AHIMA Convention

Publication Date: October 21, 2005

Introduction

The Dana-Farber Cancer Institute (DFCI) in Boston, Massachusetts, is a specialty hospital providing care to adult and pediatric cancer patients. Inpatient adult cancer care is managed via a joint venture with Brigham and Women’s Hospital. Inpatient pediatric cancer care....

Author: Travis, John

Source: AHIMA Convention

Publication Date: October 21, 2005

Introduction

Many questions have emerged lately about the requirement for auditing under the HIPAA Security Rule, the differences in the requirement for auditing under the HIPAA Privacy Rule, how to define audit objectives, and the appropriate level to audit. The objective of this white p....

Author: Tomes, Jonathan P.

Source: Journal of AHIMA

Publication Date: October 2005

To avoid the improper destruction or alteration of records, HIM departments must follow a retention schedule, train personnel, and ensure that corrections leave original entries intact.
Although the legal concept known as spoliation of evidence has been a part of the American legal syste....

Author: U.S. Centers for Medicare & Medicaid Services

Source: Government (U.S.)

Publication Date: August 18, 2005

Author: Keating, Angie Singer

Source: Journal of AHIMA

Publication Date: July 2005

The unauthorized use of confidential or sensitive information contained on computer hard drives is a serious problem facing most healthcare organizations. Organizations that do not require proper hard-drive sanitation as part of their total information destruction program face regulatory viola....

Author: Quinsey, Carol Ann

Source: Journal of AHIMA

Publication Date: June 2005

Securing the privacy of both protected health information and personal information should be a primary concern when personal computers have outlived their usefulness. Recycling or disposing of a computer safely can be a challenge.

It’s not enough to simply give an old computer....

Author: U.S. Centers for Medicare & Medicaid Services

Source: Government (U.S.)

Publication Date: May 02, 2005

Author: Brown, Stephen C.

Source: Journal of AHIMA

Publication Date: May 2005

By now, every healthcare organization has faced the initial security compliance responsibilities associated with HIPAA. However, the compliance road has not yet been fully traveled. The nature of the rule makes compliance a recursive effort of reassessment, continual auditing, regular educatio....

Author: AHIMA

Source: AHIMA report

Publication Date: April 11, 2005

The results of a survey to assess the current state of HIPAA privacy and security within the healthcare industry.

AHIMA releases the results of this research in conjunction with the second annual National Health Information Privacy and Security Week, April 10-16, 2005. AHIMA is sponsoring National Health Information Privacy and Security Week to raise awareness among healthcare professionals, their employers, the media, and the public regarding the importance of protecting the privacy, confidentiality, and security of personal health information (PHI).

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: April 2005

Many covered entities have enhanced their security measures over the last several years in preparation for the HIPAA security rule compliance deadline. In the March issue, Tom Walsh provided a readiness checklist to ensure your organization had the necessary processes in place (See “The....

Author: Hofler, Linda D.; Hardee, Joy; Dildy, Kenneth; Burleson, Deeanna; Grady, Jamie

Source: Journal of AHIMA

Publication Date: March 2005

The privacy and security rules require audits and system activity reviews. Here is one health system's process, a systematic approach that focuses on areas of greatest risk.
Ensuring the privacy and confidentiality of patient information is fundamental to HIM, but it has taken on a new le....

Author: Hash, Joan; Bowen, Pauline; Johnson, Arnold; Smith, Carla; Steinberg, Daniel

Source: Government (U.S.)

Publication Date: March 02, 2005

Author: Brown, Karen

Source: Journal of AHIMA

Publication Date: March 2005

With HIPAA’s security rule compliance date right around the corner, many HIM professionals are still trying to determine if they have adequate safeguards in place to ensure the confidentiality, integrity, and availability of electronic protected health information (ePHI).

Many....

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: March 2005

HIPAA requires covered entities “implement policies and procedures to address security incidents.” There is one implementation specification: to “identify and respond to suspected or known security incidents; mitigate, to the extent practical, harmful effects of security inci....

Author: Rode, Dan

Source: Journal of AHIMA

Publication Date: March 2005

HIPAA has taught us that standardization is hard. When the act was signed into law in 1996, the optimists among us believed that within four years the healthcare industry would be using a variety of uniform national administrative transactions, most associated with what we now call the revenue....

Author: Walsh, Tom

Source: Journal of AHIMA

Publication Date: March 2005

The race to security compliance is a marathon, not a dash. Here’s how to gauge your progress.
With implementation of the HIPAA security rule next month, many organizations are preparing to sprint toward the deadline. However, compliance is more like a marathon than a 100-meter dash....

Author: U.S. Centers for Medicare & Medicaid Services

Source: Government (U.S.)

Publication Date: February 28, 2005

Author: U.S. Centers for Medicare & Medicaid Services

Source: Government (U.S.)

Publication Date: February 28, 2005

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: January 2005

As healthcare organizations put the finishing touches on their HIPAA security compliance plans, many are finding that updating access controls is not easy. Clinicians often scoff at the word “control” in general and at “access control” in particular. Not all products ar....

Author: WebMD

Source: External web site

Publication Date: November 24, 2004

Author: U.S. Centers for Medicare & Medicaid Services

Source: Government (U.S.)

Publication Date: November 23, 2004

Author: U.S. Centers for Medicare & Medicaid Services

Source: Government (U.S.)

Publication Date: November 23, 2004

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: November 2004

The HIPAA security rule includes a requirement for audit controls and to monitor and manage ongoing security for a variety of processes. But the requirement for internal audit was changed to “information security activity review,” and there is no other specific reference to auditin....

Author: Rosenbaum, Arnold S.; Nelson, Gina A.

Source: AHIMA Convention

Publication Date: October 15, 2004

HHS Secretary Tommy Thompson released the Final Regulations for Security Standards in final form in February 2003. The security standards were developed to help safeguard confidential health information, which is being processed increasingly by computers.

The mandates require covered ent....

Author: Davis, Nancy; Lemery, Chrisann

Source: AHIMA Convention

Publication Date: October 15, 2004

Introduction

On April 14, 2003, health care providers and health plans, as covered entities under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), were required to be in compliance with the Privacy Rule. Effective April 14, 2005, these same covered entities wil....

Author: Giannangelo, Kathy

Source: Journal of AHIMA - Coding Notes

Publication Date: October 2004

Coding professionals in acute care hospitals know that ICD-9-CM code modifications are implemented every October 1. This year, however, changes taking place will have far-reaching effects. The reason? The diagnosis portion of ICD-9-CM named under HIPAA has become the standard code set for repo....

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: October 2004

The 2004 Phoenix Health System/HIMSS HIPAA compliance survey indicates that providers find audit controls the most difficult of the HIPAA security standards to implement.
While it is recognized that every organization must conduct a risk analysis to determine the systems or activities th....

Author: U.S. Centers for Medicare & Medicaid Services

Source: Government (U.S.)

Publication Date: August 16, 2004

Please be advised that these FAQs were generated from a database that is updated frequently. For the most up-to-date information, please visit http://questions.cms.hhs.gov.

Date: 9/30/2004

Question #1889: Are covered entities protected when they make disclosures t....

Author: WebMD

Source: External web site

Publication Date: July 19, 2004

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: July 2004

Many covered entities are just now starting to approach the compliance aspects of the HIPAA security rule. Why discuss “compliance aspects” and not standards or controls, as we did when preparing for the privacy rule? Privacy and security are long-standing concepts to healthcare,....

Author: Cooper, Ted

Source: Journal of AHIMA

Publication Date: July 2004

The first version of the Computer-based Patient Record Institute (CPRI) toolkit “Managing Information Security in Health Care” was published on the Web in May 1999 in response to the proposed HIPAA security and electronic signature standard of October 1998. The toolkit is intended....

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: June 2004

Encryption is an addressable implementation specification under HIPAA’s access control and transmission security standards. Many providers are grappling with just how to address these specifications:
Is there a difference between the two specifications, and if so, what is the diff....

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: May 2004

Many information security officials are barraged with requests for the latest security tools. Such shopping lists often do not reflect a structured plan or a true risk analysis to justify their cost or human resource requirements. This column describes some of the latest tools, how you can ev....

Author: AHIMA

Source: AHIMA presentation | AHIMA recognition week resources

Publication Date: April 12, 2004

Author: AHIMA

Source: AHIMA

Publication Date: April 12, 2004

The results of a survey conducted by AHIMA to assess the current state of HIPAA privacy within the healthcare industry. These results are being released in conjunction with the first annual National Health Information Privacy and Security Week.

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: April 2004

How many of you have warned your e-mail users about “phishers”—e-mail that appears to come from a trusted source asking the recipient to click on a link to update personal details? But the site is really a fake, and the e-mail is a scam to steal personal information.