215 results.
[1] 2 3 4 5 6 7 8 9
Are You Ready for a HIPAA Audit?
Author: Wiedemann, Lou Ann
Source: Journal of AHIMA
Publication Date: April 2017
Editor’s Note: The following is an excerpt from the new “External HIPAA Audit Readiness Toolkit” developed by AHIMA. The full toolkit is free for AHIMA members.
THE HITECH OMNIBUS Rule mandated that the US Department of Health and Human Services (HHS) condu....
Using Aliases to Protect Privacy in Healthcare
Author: Barrett, Charlotte S; Beidler, Aurae; Davis, Nancy; Glondys, Barbara
Source: Journal of AHIMA
Publication Date: November 2016
Developing policies and standard procedures when working with patient aliases is one way to both respect patient privacy but also ensure the accuracy and integrity of patient data.
As defined in AHIMA’s Pocket Glossary, an “alias” is “a name added to,....
Guidelines for a Compliant Business Associate Agreement (2016)
Author: AHIMA Work Group
Source: AHIMA practice brief
Publication Date: October 2016
This update supersedes the November 2013 practice brief, Guidelines for a Compliant Business Associate Agreement.
The Privacy Rule portion of the Health Insurance Portability and Accountability Act (HIPAA) defines a "business associate (BA) as a person or entity that performs....
Information Governance for Offsite Data Security
Author: Saharia, Devendra
Source: Journal of AHIMA
Publication Date: April 2016
Disruptive technology can turn any industry on its head—virtually overnight. Just five years ago, summoning a taxi was an inefficient, time-consuming effort that often involved dialing up a dispatcher, who contacted a driver, who would then make their way to your location, perhaps in an h....
Shifting from Reactive to Proactive HIPAA Audits
Author: Brinda, Danika
Source: Journal of AHIMA
Publication Date: January 2016
Stories about workforce members inappropriately accessing health information continue to plague the Department of Health and Human Services’ Data Breach Portal—which lists US provider data breaches that affect more than 500 individuals. Recently two data breaches reported on th....
Cybersecurity 101
Author: Lucci, Susan; Walsh, Tom
Source: Journal of AHIMA
Publication Date: November 2015
One of the most alarming statistics in the news, which is growing with intent and severity, is the prevalence of cyber-attacks, particularly in healthcare. It is an alarming trend that has gained a good deal of attention. For example, in July 2015, UCLA reported that up to 4.5 million pati....
Ensuring Your Business Associates Provide ‘Satisfactory Assurances’
Author: Lewis, Sharon; McLendon, Kelly
Source: Journal of AHIMA
Publication Date: October 2015
HIPAA uses the term “satisfactory assurances” four times in the text of its Privacy and Security Rules. Each time the statement is used it describes a covered entity’s (CE) responsibility to obtain satisfactory assurances from a business associate who creates, receives, maintains, or tran....
Cracking Encryption: Despite Benefits, Technology Still Not Widely Used to Combat Multi-Million Dollar Breaches
Author: Butler, Mary
Source: Journal of AHIMA
Publication Date: April 2015
In movies and on television lately, Hollywood has made encryption and decryption look exciting, glamorous, and world-saving. The film The Imitation Game and the BBC show The Bletchley Circle chronicle how British code breakers decrypted military strategy codes from the Nazi encryption tool....
Industry Awaits Phase 2 of HIPAA Audit Program
Author: Asmonga, Donald D.
Source: Journal of AHIMA
Publication Date: January 2015
The wait for the second round of mandated privacy and security audits from the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) continues. OCR is currently working through final details for the revised audit plan as they await finalization of new technolog....
HIPAA Breach Enforcement Roundup
Author: Cacciatore, Victoria; Downing, Katherine
Source: Journal of AHIMA
Publication Date: July 2014
Criminal attacks on healthcare systems have risen 100 percent since 2010, according to a recent Ponemon study.1 This makes it obvious that the privacy and security of patient health information is vulnerable and highly susceptible to data breach. The HIPAA Breach Notification Rule became e....
Black Market PHI Does Exist: Why It’s Time to Take Security Risk Assessments Seriously
Author:
Source: Journal of AHIMA
Publication Date: May 2014
Many health information management (HIM) experts have wondered whether there is protected health information (PHI) on the black market. In short, the answer is “yes.” According to a 2012 Ponemon Institute study, 90 percent of healthcare organizations surveyed have had at least....
On the HIPAA Hook
Author: Hicks, Andrew
Source: Journal of AHIMA
Publication Date: April 2014
Some healthcare business associates are still asking if HITECH-HIPAA impacts them. The answer is just as important to their affiliated healthcare providers.
Thousands of companies are now legally obligated to comply with the HITECH-HIPAA regulations because of their busines....
Security Risk Analysis and Management: An Overview (2013 update)
Author: Walsh, Tom
Source: AHIMA practice brief
Publication Date: November 2013
Editor’s note: This update replaces the January 2011 practice brief “Security Risk Analysis and Management: An Overview.”
Managing risks is an essential step in operating any business. It’s impossible to eliminate all threats; however, healthcare organizati....
Guidelines for a Compliant Business Associate Agreement - Retired
Author: AHIMA
Source: AHIMA practice brief
Publication Date: November 2013
This 2013 practice brief version has been retired and is retained here for historical purposes. Read the 2016 updated version of this Practice Brief here.
The Privacy Rule portion of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 defines a "business....
HIPAA Security Overview - Retired
Author: Miaoulis, William M
Source: AHIMA practice brief
Publication Date: November 2013
Editor’s note: This update replaces the April 2004 and the November 2010 practice briefs titled “A HIPAA Security Overview.”
The HIPAA security rule has remained unchanged since its implementation more than a decade ago. However, the Health Information Technology for Economic a....
Privacy and Security Training (2013 update) - Retired
Author: Downing, Kathy; Lucci, Susan; Lerch, Diane M
Source: AHIMA practice brief
Publication Date: October 2013
Editor's note: This update replaces the November 2010 practice brief "HIPAA Privacy and Security Training."
On January 25, 2013, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published the long-awaited Health Insurance Portability and Accoun....
When to Send a Breach Notification: New HIPAA Rules Revise “Harm” Standard
Author: Warner, Diana
Source: Journal of AHIMA
Publication Date: April 2013
The HITECH Act’s omnibus HIPAA modification final rule, released January 25, 2013, finalized sweeping changes to privacy and security regulations. Though much of the proposed rule was adopted, the omnibus rule included major changes made to the “harm threshold” standard i....
HIPAA Mighty and Flawed: Regulation has Wide-Reaching Impact on the Healthcare Industry
Author: Solove, Daniel J
Source: Journal of AHIMA
Publication Date: April 2013
How HIPAA has performed overall as a privacy law is open to interpretation, but most agree it has had a wide-reaching impact on the healthcare industry. In comparison to the dozens of federal privacy laws for various industries, HIPAA is one of the most comprehensive and detailed.
Analysis of Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules under HITECH and GINA; Other Modifications to the HIPAA Rules
Author: AHIMA
Source: AHIMA regulation analysis
Publication Date: January 25, 2013
Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the Health Information Technology for Economic and Clinical Health Act and the Genetic Information Nondiscrimination Act; Other Modifications to the HIPAA Rules; Final Rule
Author: U.S. Office for Civil Rights
Source: U.S. Department of Health & Human Services | U.S. Office for Civil Rights
Publication Date: January 2013
Rule modifies HIPAA by implementing statutory amendments under HITECH to strengthen the privacy and security protection for individuals’ health information; modifies the Breach Notification Rule under the HITECH Act, modifes the HIPAA Privacy Rule to strengthen the privacy protections for genetic information and makes certain other modifications to the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (the HIPAA Rules) to improve their workability and effectiveness and to increase flexibility for and decrease burden on regulated entities.
HIPAA Compliance for Clinician Texting
Author: Greene, Adam H
Source: Journal of AHIMA
Publication Date: April 2012
The HIPAA privacy and security rules need not act as an obstacle to efficient communications, but keeping texting compliant requires planning and diligence.
Text (or SMS) messaging has become nearly ubiquitous on mobile devices. According to one survey, approximately 72 perce....
Keeping It Private: Staying Compliant with the HIPAA Privacy and Security Rules
Author: Tomes, Jonathan P.
Source: Journal of AHIMA
Publication Date: March 2012
HHS's renewed interest in auditing for compliance is a good reminder to covered entities to ensure their privacy and security programs are up to date.
The Department of Health and Human Services' (HHS) announcement of a new program to audit compliance with the HIPAA priva....
Automation for Privacy and Security Compliance
Author: McLendon, Kelly
Source: Journal of AHIMA
Publication Date: March 2012
There has been a lack of enforcement of the privacy and security rules ever since HIPAA's inception. As such the adoption of comprehensive HIPAA compliance programs has lagged behind EHR development and implementation.
This in turn has caused little funding to be budgeted by provide....
Simplification at Last? HHS Rolls out Operating Rules for HIPAA Transaction Standards
Author: Dimick, Chris
Source: Journal of AHIMA
Publication Date: February 2012
The HIPAA transaction standards-meant to streamline financial and administrative transactions-have instead devolved into a kind of free-for-all. Now the first operating rules are in hand to standardize use of the standards and gain the efficiencies originally intended.
When it....
HHS Steps up HIPAA Audits: Now Is the Time to Review Security Policies and Procedures
Author: Greene, Adam H
Source: Journal of AHIMA
Publication Date: October 2011
Now Is the Time to Review Security Policies and Procedures
In June 2011 the Department of Health and Human Services awarded KPMG a $9.2-million contract to create an audit protocol and audit organizational compliance with the HIPAA privacy and security requirements.1 The co....
[1] 2 3 4 5 6 7 8 9