Author:

Source: Journal of AHIMA

Publication Date: May 2014

Many health information management (HIM) experts have wondered whether there is protected health information (PHI) on the black market. In short, the answer is “yes.” According to a 2012 Ponemon Institute study, 90 percent of healthcare organizations surveyed have had at least....

Author: RTI International

Source: Government (U.S.) | U.S. Office of the National Coordinator for HIT

Publication Date: June 2014

To overcome barriers to electronic exchange of behavioral health data, Behavioral Health Data Exchange (BHDE) Consortium participants created a set of common policies and procedures that aligned with federal regulations as well as the laws of the participating states. The objective of the consortium project was to execute at least one successful pilot demonstrating the ability of providers to exchange behavioral health data electronically across state lines. At the end of the project, data was exchanged between providers in Florida and Alabama, and the necessary frameworks for exchange were established in three additional states.

Author: Cacciatore, Victoria; Downing, Katherine

Source: Journal of AHIMA

Publication Date: June 2014

Release of information (ROI) has become a complex area for health information management (HIM) professionals. ROI staff and HIM management now must question and dissect every line on a request prior to release. Because of this, a quick reminder on some of the complex ROI risks is appropria....

Author: Downing, Katherine

Source: AHIMA practice brief | Journal of AHIMA

Publication Date: June 2014

The purpose of AHIMA’s new Breach Management Toolkit is to provide a comprehensive collection of resources and best practices to help healthcare organizations and health information management (HIM) professionals navigate their way through the Health Insurance Portability and Accountability Act (HIPAA) Breach Notification Rule and the overall breach management process. The toolkit is intended to raise awareness of the importance and responsibility of everyone within the organization to report HIPAA breaches to the appropriate designated personnel, as well as provide breach prevention education and training.

Author: Gordon, Lynne Thomas

Source: AHIMA testimony and comments

Publication Date: June 25, 2014

The American Health Information Management Association (AHIMA) is pleased to submit these comments on Substance Abuse and Mental Health Services Administration: Applicability of 42 CFR Part 2, Confidentiality of Alcohol and Drug Abuse Patient Records.

AHIMA is committed to promoting and advocating for high quality research, best practices and effective standards in health information and to actively contributing to the development and advancement of health information professionals worldwide. AHIMA’s enduring goal is quality healthcare through quality information. These comments provide AHIMA’s responses to several of SAMSHA’s questions.

Author: Butler, Mary

Source: Journal of AHIMA - website

Publication Date: June 2014

In this web series, HIM professionals working in emerging roles give advice on tackling difficult HIM problems. This month features the conclusion to a two-part series discussing the unique challenges HIM professionals face in deploying EHRs customized to serve pediatric and adolesce....

Author: Cacciatore, Victoria; Downing, Katherine

Source: Journal of AHIMA

Publication Date: July 2014

Criminal attacks on healthcare systems have risen 100 percent since 2010, according to a recent Ponemon study.1 This makes it obvious that the privacy and security of patient health information is vulnerable and highly susceptible to data breach. The HIPAA Breach Notification Rule became e....

Author:

Source: Journal of AHIMA

Publication Date: September 2014

For consumers in the United States, the answer to the question “Who are you?” is becoming increasingly important, especially in relation to one’s healthcare. Safe and secure access to a person’s health information hinges on how their online identity is established and used—especially as m....

Author: Hedges, Ron; Brady, Kevin

Source: Journal of AHIMA

Publication Date: September 2014

Every Health information management (HIM) professional, lawyer, and healthcare consumer should be familiar with the Health Insurance Portability and Accountability Act (HIPAA). For healthcare consumers, HIPAA offers protections and rights of access to personal health information. For HIM....

Author: Wikina, Suanu Bliss

Source: Perspectives in Health Information Management

Publication Date: October 2014

Abstract


Data breaches arising from theft, loss, unauthorized access/disclosure, improper disclosure, or hacking incidents involving personal health information continue to increase every year. As of September 2013, reported breaches affecting individuals reached close to 27 milli....

Author: AHIMA Staff

Source: Journal of AHIMA

Publication Date: October 2014

The US healthcare industry has the unfortunate distinction of having the highest per capita cost of data breaches, recent reports suggest.


A May 2014 Ponemon Institute analysis found that the per capita cost of a healthcare breach was $359 per record. The overall mean across indus....

Author: McLendon, Kelly

Source: Journal of AHIMA

Publication Date: October 2014

The US Department of Health and Human Services (HHS) continues to look for avenues to allow greater patient access to their own health information so that they may be more active in their healthcare management. HHS recently created final rules that remove the Clinical Laboratory Improveme....

Author: Butler, Mary

Source: Journal of AHIMA - website

Publication Date: October 2014

Joanna Belbey, a social media compliance specialist for Actiance, spoke with the Journal for the November/December eCompliance issue about the role of social media and telemedicine in healthcare. As telehealth and social media continues to be an evolving force in healthcare, Bel....

Author: Hedges, Ron

Source: Journal of AHIMA

Publication Date: November 2014

Health information management (HIM) professionals are frequently pulled into litigation due to their role as custodians of health records and protected health information. This role also can categorize them as parties to civil litigation, which obligates them to produce any relevant infor....

Author: Morper, Mike

Source: Journal of AHIMA

Publication Date: November 2014

Admissions and discharge processes can be rife with vulnerabilities and potential HIPAA violations. It is important to address security vulnerabilities and potential compliance problems in the patient admissions and discharge processes. A focus on file destination control, encryption, aut....

Author: Redd, Andrew; Pickard, Steve; Meystre, Stephane; Scehnet, Jeffrey; Bolton, Dan; Heavirland, Julia; Weaver, Allison Lynn ; Hope, Carol; Garvin, Jennifer Hornung

Source: Perspectives in Health Information Management

Publication Date: January 2015

Abstract


Objectives: We introduce and evaluate a new, easily accessible tool using a common statistical analysis and business analytics software suite, SAS, which can be programmed to remove specific protected health information (PHI) from a text document. Removal of PHI is import....

Author: AHIMA Staff

Source: Journal of AHIMA

Publication Date: January 2015

To many American technology observers, courts in Japan and the European Union could be setting a controversial precedent in a series of rulings regarding the “the right to be forgotten.”


Courts in these jurisdictions have ruled against Google and Yahoo and in favor of individuals....

Author: Butler, Mary

Source: Journal of AHIMA

Publication Date: January 2015

Human beings have been fascinated by birds—their flight patterns, colors, and songs—for centuries. In the ancient world, “augurs,” Roman practitioners of “augury,” looked for clues about the past and future by observing birds in flight, hoping for omens.....

Author: Don, Hardwick; Twiggs, Mariela; Braden, James H

Source: Journal of AHIMA

Publication Date: February 2015

A mere two decades ago, healthcare providers didn’t face significant penalties for improperly disclosing protected health information (PHI). Since then, regulations surrounding the privacy and security of PHI have evolved to include strict requirements and corresponding steep financial pe....

Author: Thomas, Liisa; Udofia, Idara

Source: Journal of AHIMA

Publication Date: February 2015

The Food and Drug Administration (FDA) has joined other regulators in sounding a call for data protection and security in our rapidly digitizing world.


Studies reveal that many health providers’ devices or systems have been breached without their knowledge of such breach o....

Author: AHIMA Advocacy and Policy Team

Source: Journal of AHIMA

Publication Date: February 2015

Now that the new year is well underway, most of us have probably settled on our resolutions and are working hard to achieve them. Hopefully both ICD-10-CM/PCS preparation and the “meaningful use” EHR Incentive Program are high on the list of priorities for healthcare providers.

....

Author: AHIMA Staff

Source: Journal of AHIMA

Publication Date: February 2015

The tension between data privacy and consumers’ demand for their health information will become more strained in 2015, a new report predicts. As the number of privacy breaches in the healthcare sector has grown in recent years, so too has the desire of consumers to be one click away from....

Author: Beckett, Barb; Downing, Kathy; Gillespie, Joe D; Waugh, Traci

Source: Journal of AHIMA

Publication Date: March 2015

Since its initial adoption the HIPAA Privacy Rule has granted individuals the right to request restrictions on the use or disclosure of their protected health information (PHI) for treatment, payment, and healthcare operations (TPO), as well as for disclosures to family members and certai....

Author: Backman, Cecilia; Kadlec, Lesley; Kirby, Annessa; Leonard, Mary Ann; Ward, Maria; Westhafer, Kathy J

Source: Journal of AHIMA

Publication Date: March 2015

Health Information Management's (HIM) role in care coordination involves much more than ensuring records are collected and disseminated for reporting purposes. HIM ensures that patient needs are met through availability of patient information along the continuum of care.


H....

Author: Hedges, Ron

Source: AHIMA blog post | Journal of AHIMA - website

Publication Date: March 12, 2015

Legal consequences flow from the use or abuse of EHR. This monthly column presents examples of what those consequences can be.



Healthcare providers receive and respond to subpoenas on a regular basis. Providers routinely produce personal health information (PHI) when doing so....

Author: Butler, Mary

Source: Journal of AHIMA

Publication Date: April 2015

In movies and on television lately, Hollywood has made encryption and decryption look exciting, glamorous, and world-saving. The film The Imitation Game and the BBC show The Bletchley Circle chronicle how British code breakers decrypted military strategy codes from the Nazi encryption tool....

Author: Dimick, Chris

Source: Journal of AHIMA

Publication Date: April 2015

The spiders of time have been hard at work on the US healthcare privacy and security rules, to the point that their place in health IT interoperability has become fogged and is inhibiting their proper role in the meaningful exchange of health information, according to Lucia Savage, JD, th....

Author: Lewis, Sharon; McDonald, Kevin B

Source: Journal of AHIMA

Publication Date: April 2015

As data is made more readily available through a growing number of public and private channels, understanding the risks is critical. Patients expect organizations to take the steps required to protect their sensitive and personal information as it is being produced, processed, shared, and....

Author: Birnbaum, Cassi L

Source: Journal of AHIMA

Publication Date: April 2015

From the year 2009 through 2014, nearly 42 million people had their protected health information (PHI) compromised, according to data from the Department of Health and Human Services’ Office for Civil Rights (OCR). Each passing year brings into sharper focus the challenges associated with....

Author: Datskovsky, Galina; Hedges, Ron; Empel, Sofia; Washington, Lydia

Source: Journal of AHIMA

Publication Date: April 2015

Editor’s note: This is the second in a series of four articles that discuss the eight Information Governance Principles for Healthcare.


AHIMA’s new Information Governance Principles for Healthcare (IGPHC) provides a framework for healthcare organizations to enhance their ab....

Author: Zeiour, Collette; Twiggs, Mariela

Source: Journal of AHIMA

Publication Date: April 2015

With more than 1,000 large breaches of protected health information (PHI) on record, it’s not surprising that PHI disclosure management is currently top of mind for healthcare leaders.1 Many of these breaches have cost organizations between $1 million and $5 million in penalties, not to m....

Author: Godlove, Tim; Ball, Adrian W

Source: Perspectives in Health Information Management

Publication Date: April 2015

Abstract


The purpose of this article is to describe the patient matching problems resulting from the Nationwide Health Information Network’s automated patient discovery specification and propose a more effective and secure approach for patient matching between health informa....

Author: Hedges, Ron

Source: AHIMA blog post | Journal of AHIMA - website

Publication Date: April 09, 2015

Legal consequences flow from the use or abuse of EHR. This monthly column presents examples of what those consequences can be.


Last month I wrote about the possible consequences for a healthcare provider which violated HIPAA when it produced personal health information (PHI)....

Author: Butler, Mary

Source: Journal of AHIMA - website

Publication Date: April 2015

This is the second installment of the Journal of AHIMA’s special series for Privacy and Security Month at AHIMA. Click here to read the first installment.



Last year was a banner year for healthcare privacy breaches, according to an annual report that....

Author: U.S. Office of the National Coordinator for Health Information Technology

Source: Government (U.S.)

Publication Date: April 15, 2015

Author: Butler, Mary

Source: Journal of AHIMA - website

Publication Date: April 2015

In the privacy and security world, whenever a big health data breach makes the news, HIPAA experts warn that it’s only the beginning and the news will only get worse. Over the last year that has certainly been the case as the size and scope of breaches has climbed.....

Author: Journal of AHIMA Staff

Source: Journal of AHIMA

Publication Date: May 2015

Unless they know exactly what to look for, most Internet users wouldn’t know that a “Dark Web” exists or what it is—let alone the potential for harm that can be done with it.


But the dark side of the web is out there, and its proprietors want your medical information.

....

Author: DeMasters, Dana

Source: Journal of AHIMA

Publication Date: May 2015

A police officer arrives in the emergency department of a hospital at 2 a.m. seeking information about a patient who was recently admitted following a motor vehicle accident. The officer suspects the patient was intoxicated while driving and assertively asks the nurse to tell him the resul....

Author: Hedges, Ron

Source: AHIMA blog post | Journal of AHIMA - website

Publication Date: May 14, 2015

Social media is ubiquitous. Almost assuredly everyone reading this blog is employed by or a member of a healthcare organization that has a social media presence. That presence can be beneficial to you and your organization. However, that presence might be harmful. Let’s explore certain asp....

Author: Bowen, Rita K.

Source: Journal of AHIMA

Publication Date: June 2015

Fifteen years ago, many individuals accepted the role of the privacy officer with a perception that it would be a role involving the education and training of individuals on HIPAA rules and regulations, developing policy, and responding to reported incidents. The security officer was focu....

Author: DuBravec, Daniel A; Daigle, Matt

Source: Journal of AHIMA

Publication Date: June 2015

With student safety and privacy an increasing parental concern, school administrators nationwide are sitting on a powder keg of potential backlash because of a gray area of student privacy protections that Julia Lear, senior advisor for the Center of Health and Health Care in Schools at G....

Author: AHIMA

Source: AHIMA

Publication Date: June 2015

a model for protecting health information principles (Spanish edition)

Author: Grebner, Leah A.; Mikaelian, Raymound

Source: Journal of AHIMA

Publication Date: September 2015

Health information management (HIM) professionals are familiar with mobile health (mHealth) technologies from a provider perspective, but technology has provided the ability for healthcare consumers to also utilize mHealth to become more actively engaged in managing their personal healthc....

Author: AHIMA Staff

Source: AHIMA testimony and comments

Publication Date: September 10, 2015

This letter is in response to the Office of the National Coordinator’s (ONC) and the Office for Civil Rights’ (OCR) request for responses regarding the charges and fees for electronic copies of health information.

Author: Lewis, Sharon

Source: AHIMA blog post | Journal of AHIMA - website

Publication Date: September 2015

In June I delivered a presentation, “Breach Prevention Part I: Take a PHI Pause—Conduct an Actionable Privacy Risk Assessment,” at a breakout session at the 2015 California Health Information Convention and Exhibit. Finding resources to create a presentation on conducting....

Author: VanderMolen, Julia; Prince, Alesha; Neu, Emily; DeKraker, Rachael

Source: Educational Perspectives in Health Informatics and Information Management

Publication Date: October 2015

Abstract


Introduction: The healthcare industry is an ever-changing field, and in recent years, the introduction of the electronic health record (EHR) has enabled hospitals to store and retrieve detailed patient information for use by healthcare providers, and sometimes patients, d....

Author: Crump, Dawn; Tice, Carolyn

Source: Journal of AHIMA

Publication Date: October 2015

The mere mention of the words “payer audits” can send even the most confident and capable health information management (HIM) directors into downward spirals of frustration and overload. These feelings are well known to providers who have found themselves forced to tread the mu....

Author: Lucci, Susan; Walsh, Tom

Source: Journal of AHIMA

Publication Date: November 2015

One of the most alarming statistics in the news, which is growing with intent and severity, is the prevalence of cyber-attacks, particularly in healthcare. It is an alarming trend that has gained a good deal of attention. For example, in July 2015, UCLA reported that up to 4.5 million pati....

Author: Butler, Mary

Source: Journal of AHIMA - website

Publication Date: November 2015

The HIM Problem


Completing regular privacy risk assessments is one of the most proactive ways of preventing healthcare privacy breaches. However, finding helpful tools for these assessments is hard to come by.


The HIM Problem Solver: Sharon Lewis, MBA, RHIA, CHPS, CP....

Author: Brinda, Danika

Source: Journal of AHIMA

Publication Date: January 2016

Stories about workforce members inappropriately accessing health information continue to plague the Department of Health and Human Services’ Data Breach Portal—which lists US provider data breaches that affect more than 500 individuals. Recently two data breaches reported on th....

Author: Butler, Mary

Source: Journal of AHIMA - website

Publication Date: January 2016

The HIM Problem


As providers and business associates bring themselves into compliance with the HITECH-HIPAA Final Rule, encrypting data in transmission and at rest can pose a challenge. Two ROI experts discuss encryption and the use of standards in privacy and security.....

Author: DeMasters, Dana; Deanna, Peterson

Source: Journal of AHIMA

Publication Date: February 2016

A police officer with a body-worn camera records video of an altercation in an emergency department involving a patient who has become violent. During the recording another patient not involved in the altercation has their image captured. The officer leaves the facility wit....

Author: Butler, Mary

Source: Journal of AHIMA

Publication Date: March 2016

Over the past several years it’s been hard to avoid public conversations about the “childhood obesity epidemic.” One of the biggest targets for regulators like the USDA and for politicians such as former New York City Mayor Michael Bloomberg has been Americans’ addi....

Author: Hedges, Ron

Source: AHIMA blog post | Journal of AHIMA - website

Publication Date: March 15, 2016

My blog posts have, for the most part, focused on electronically stored information (ESI) in the context of civil litigation. In this blog I want to shift my focus slightly to raise some questions about the electronic health record and what must be produced in response to a....

Author: Butler, Mary

Source: Journal of AHIMA - website

Publication Date: March 24, 2016

The HIM Problem


Nursing staff at NorthShore University Health System were worried about protecting patient privacy when family members called for status updates during surgical procedures and inpatient stays.

The HIM Problem Solver


Terri Bunsen, R....

Author: Saharia, Devendra

Source: Journal of AHIMA

Publication Date: April 2016

Disruptive technology can turn any industry on its head—virtually overnight. Just five years ago, summoning a taxi was an inefficient, time-consuming effort that often involved dialing up a dispatcher, who contacted a driver, who would then make their way to your location, perhaps in an h....

Author: Butler, Mary

Source: Journal of AHIMA

Publication Date: April 2016

It is a dark and stormy night at a mid-sized regional trauma center when an EMS team brings in a 30-year-old man who is suffering from a prescription narcotics overdose. The patient is conscious but disoriented when he arrives on a gurney. When he wakes up, his loved ones, dutifully at his....

Author: Martin, Melissa

Source: Journal of AHIMA

Publication Date: April 2016

Privacy and security has been one of the most interesting aspects of my job. I often tell folks the role of privacy comes very easily to HIM professionals because we were the “Confidentiality Police” long before the title “Privacy Officer” was widely accepted. Prior to HIPAA, HIM professi....

Author: Lee, Christine

Source: Journal of AHIMA

Publication Date: April 2016

According to the American Medical Association (AMA), physician practices continued a slow but steady transition toward hospital ownership in 2015. In their July 2015 study, the AMA reported a decrease in physician-owned practices alongside a continual increase in physicians working direct....

Author: Greene, Adam H

Source: Journal of AHIMA

Publication Date: April 2016

In 2009, CONGRESS passed the Health Information Technology for Economic and Clinical Health (HITECH) Act, which granted individuals a right to have a copy of their records sent to a third party, according to 42 U.S.C. § 17935(e) of the regulation.


Unfortunately, many attorn....

Author: Gordon, Lynne Thomas

Source: Journal of AHIMA

Publication Date: April 2016

Recently, the New York Times ran a provocative opinion piece that called for increased use of patient data for research purposes. “When I explain to my own patients what can be done with their medical information for the greater good in research, nobody has ever said to me ‘don....

Author: Gordon, Lynne Thomas

Source: AHIMA testimony and comments

Publication Date: April 11, 2016

Comment letter to Kana Enomoto, Acting Administrator, Substance Abuse and Mental Health Services Administration

Author: Gordon, Lynne Thomas

Source: AHIMA testimony and comments

Publication Date: April 20, 2016

Comment letter to Jocelyn Samuels, Director, Office for Civil Rights

Author: Rose, Angela Dinh

Source: AHIMA blog post | Journal of AHIMA - website

Publication Date: April 28, 2016

AHIMA hosted a very engaging Twitter chat on Thursday, April 14, 2016, about the role that privacy and security plays towards launching and implementing successful information governance (IG) programs. To see Tweets from the chat and other information governance (IG) related Tweets, v....

Author: Davis, Nancy; Glondys, Barbara

Source: Journal of AHIMA

Publication Date: May 2016

Federal law prohibits the sale of firearms to certain individuals with a history of mental illness. Recent mass shootings have focused attention on the fact that the individuals perpetrating these crimes often had a documented history of mental illness which went undetected despite state a....

Author: Lee, Mee Jeong; Kim, Yeaeun; Kim, Ok-nam

Source: Journal of AHIMA

Publication Date: May 2016

Maintaining the privacy of personal health information (PHI) is important whenever information is gathered, be it for the primary purpose of delivering healthcare, or secondary uses such as clinical research and population health. According to the International Organization for Standardiza....

Author: Martin, Melissa

Source: AHIMA testimony and comments

Publication Date: June 16, 2016

Testimony of AHIMA's Board President before the National Committee on Vital and Health Statistics (NCVHS) Subcommittee on Privacy, Confidentiality, and Security

Author: Hedges, Ron

Source: AHIMA blog post | Journal of AHIMA - website

Publication Date: June 2016

As this blog is about legal consequences, I try to provide current examples of what those consequences might be using a specific set of facts. This month’s example comes from the filming of a documentary television series in New York and Presbyterian Hospital (NYP), one which left me with....

Author: Butler, Mary

Source: Journal of AHIMA - website

Publication Date: July 01, 2016

One of the most important objectives of the HIPAA Privacy Rule—and the HITECH Act in particular—was to ensure that consumers have easy and affordable access to their own protected health information. The regulations also clarified how and when medical information about a patien....

Author: Butler, Mary

Source: Journal of AHIMA - website

Publication Date: July 21, 2016

The mobile app game that has thousand of players roaming streets, parks, and even workplaces—healthcare providers included—has health privacy experts concerned.


Pokémon Go is a smartphone app that uses a phone’s GPS and camera to help players search for virtual chara....

Author: Butler, Mary

Source: Journal of AHIMA - website

Publication Date: August 01, 2016

The US Department of Health and Human Services (HHS) has taken many steps to try and clear up consumer confusion regarding the more consumer-centric aspects of HIPAA’s Privacy Rule and Security Rule. The most recent efforts include the Office of the National Coordinator’s Patien....

Author: Eramo, Lisa A

Source: Journal of AHIMA

Publication Date: August 2016

The clues are subtle but critical: Perhaps you get a bill for urgent care services you never received. Or upon reviewing your medical record through a patient portal, you see a diagnosis of back pain and multiple prescriptions for narcotic pain relievers.


Though not definiti....

Author: Journal of AHIMA Staff

Source: Journal of AHIMA

Publication Date: August 2016

A lot of good things are happening in healthcare in the name of transparency. Rating systems, usually in the form of a designated number of stars, are now being assigned by the public to hospitals, physicians, and nursing homes. And it’s become easier for consumers to comparison shop when they....

Author: Herrin, Barry S.

Source: Journal of AHIMA

Publication Date: September 2016

The HIPAA-HITECH modifications to the Privacy and Security Rules have made the management of the release of information function even more complex for providers. Add in state law and other protections, and it can be difficult for health information management (HIM) professionals to know ju....

Author: Carey, Susan; Beahan, Sally

Source: Journal of AHIMA

Publication Date: September 2016

Historically, health information management (HIM) staff has provided paper copies of medical records in response to authorized requests. No specialty patient education was needed because the paper record was essentially self-explanatory.


But with the ongoing industry trans....