Search Results

= Members only

Current search

573 results.

1 [2] 3 4 5 6 7 8 9 10 11 12

Journal Q&A (2/04)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: February 02, 2004

Q: Can you explain the difference between the terms “addressable” and “required” as they are used in the final security rule?
A: The final security rule and the privacy rule use the terms “standards” and “implementation specifications.” Standards....

Journal Q&A (6/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: June 02, 2003

Q: Under the privacy rule, how should a physician’s office handle a request from parents for a written statement recommending limitation of their child’s activities at school?

A: Most covered entities have policies requiring written requests or authorizations for disclosure of....

Web FAQ

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: October 2002

Because HIPAA gives patients the right to copy their medical records, does my facility have to supply a copy machine for this purpose or allow patients to take their records to a copy center?
According to section 164.520 of the HIPAA final privacy rule, an individual has "the right to inspect....

Journal Q&A (9/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: September 02, 2003

Q: Under HIPAA, how should covered entities respond to requests from public health officials who state that they need protected health information (PHI) to carry out their duties?

A: The privacy rule recognizes that PHI may be needed to respond to threats to public health, including the....

Journal Q&A (4/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: April 02, 2003

Q: Is it legal for our facility to provide an individual with an abbreviated version of the notice of privacy practices with the full version available only upon request?

A: If an abbreviated version of the notice is given to an individual, it must contain all the required elements from....

Journal Q&A (1/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: January 02, 2003

Q: Is faxing patient information legal under HIPAA?
A: If the covered entity is permitted to release the information (for treatment purposes or by authorization, for example), then using a fax machine is allowed. The privacy rule requires the entity to provide appropriate administrative, techn....

Journal Q&A (11/04)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: November 02, 2004


Q: As a covered entity, do I need to have satisfactory assurance (as required by HIPAA) that an individual has been notified when I am served with a search warrant for a patient's protected health information (PHI)?
A: No. A search warrant is issued by a judge and is considered the same a....

Journal Q&A (1/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: January 02, 2003

Q: Does HIPAA allow clinicians in our home health facility to pull their own records?
A: Your facility must make a reasonable effort to limit the access of your clinicians to the PHI they need to perform their duties. You will have to determine what policies are reasonable. As employees, the c....

Journal Q&A (7/02)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: July 02, 2002


Q: I work in a clinic setting. An attorney has requested copies of a patient’s entire record. The record includes reports dictated by one of the clinic physicians at a local hospital during the patient’s hospitalization. The attorney has the patient’s permission. Are we allowed....

Journal Q&A (5/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: May 02, 2003


Q: What is an organized health care arrangement (OHCA) and what are its advantages?


A: The privacy rule defines an OHCA as:

a clinically integrated care setting in which individuals typically receive healthcare from more than one healthcare provider

an org....

Journal Q&A (4/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: April 02, 2003

Q: Does reporting cancer surveillance to the state have to be tracked under the accounting of disclosure requirement in the HIPAA privacy rule?

A: Reporting cancer surveillance to a state agency does require tracking under HIPAA. State laws should be checked to determine if the other typ....

Journal Q&A (6/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: June 02, 2003

Q: What are a covered entity’s legal responsibilities when a former employee breaches confidentiality of information gained during his or her employment period?

A: Individual state laws would affect the outcome of litigation if charges were pressed through civil action. If the organ....

Journal Q&A (5/01)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: May 02, 2001

Q: Does the new HIPAA privacy rule require hospitals to obtain patient consent prior to sending copies of dictated reports and test results to the patient's physician?

A: Unless the HIPAA privacy rule published on December 28, 2000 (45 CFR Parts 160 through 164) is modified by the Bush ad....

Journal Q&A (3/02)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: March 02, 2002

Q: We have a transcriptionist who picks up tapes, transcribes them off-site, and returns them each day. Is this practice legal under HIPAA?


A: The HIPAA privacy rule does not prohibit the use of tapes for dictation, nor the use of an outside transcription vendor. The privacy rule do....

Journal Q&A (9/01)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: September 02, 2001

Q: Because HIPAA gives patients the right to copy their medical records, does my facility have to supply a copy machine for this purpose or allow patients to take their records to a copy center?

A: According to section 164.520 of the HIPAA final privacy rule, an individual has "the ri....

Journal Q&A (9/01)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: September 02, 2001

Q: My facility's records contain a variety of psychiatric documentation including therapists' notes from their treatment sessions with patients. How can I determine what requires special protection under HIPAA? Do I need to separate some of the documentation from the medical record? Currently all p....

Journal Q&A (11/01)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: November 02, 2001


Q: Where can I find the updated data elements and data definitions for the Uniform Hospital Discharge Data Set (UHDDS)?

A: At this time, the 1986 UHDDS data elements and definitions are not available electronically though the information is considered to be in the public domain. The fi....

Journal Q&A (4/02)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: April 02, 2002

Q: I have been asked to identify all of my organization’s business associates so we can update their contracts prior to the April 2003 HIPAA privacy rule compliance date. Unfortunately, existing contracts are not maintained in one place. How should I tackle this project?


A: At....

Journal Q&A (3/02)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: March 02, 2002

Q: Does the individual to whom a patient has granted durable power of attorney for financial matters have the right to access and authorize use or disclosure of the patient’s protected health information (PHI) under HIPAA?


A: An individual granted durable power of attorney for....

Journal Q&A (6/02)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: June 02, 2002

Q: Our facility is developing our notice of privacy practices under HIPAA. We need to decide how we will communicate with individuals when we make changes to our notice. What are the acceptable methods for communicating with our patient population? Do we have to send a paper copy to everyone whose....

Journal Q&A (5/02)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: May 02, 2002

Q: In light of HIPAA restrictions on protected health information, I’m concerned about our HIM department’s practice of accepting HIM students for professional practice experience. What should be considered in deciding whether to continue this practice?


A: HIPAA’s pr....

Journal Q&A (11/01)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: November 02, 2001


Q: Where can I find an easy-to-use glossary for terms in the HIPAA regulations?


A: The Workgroup for Electronic Data Interchange (WEDI) has compiled an alphabetic glossary of HIPAA terms and definitions. It is approximately 24 pages long and can be downloaded from the WEDI Web sit....

Kick Starting the Security Risk Analysis

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: July 2004


Many covered entities are just now starting to approach the compliance aspects of the HIPAA security rule. Why discuss “compliance aspects” and not standards or controls, as we did when preparing for the privacy rule? Privacy and security are long-standing concepts to healthcare,....

What is Security Auditing?

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: November 2004


The HIPAA security rule includes a requirement for audit controls and to monitor and manage ongoing security for a variety of processes. But the requirement for internal audit was changed to “information security activity review,” and there is no other specific reference to auditin....

Trouble with Audit Controls

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: October 2004


The 2004 Phoenix Health System/HIMSS HIPAA compliance survey indicates that providers find audit controls the most difficult of the HIPAA security standards to implement.
While it is recognized that every organization must conduct a risk analysis to determine the systems or activities th....

Access Controls: Striking the Right Balance

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: January 2005


As healthcare organizations put the finishing touches on their HIPAA security compliance plans, many are finding that updating access controls is not easy. Clinicians often scoff at the word “control” in general and at “access control” in particular. Not all products ar....

Reporting Security Incidents

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: March 2005


HIPAA requires covered entities “implement policies and procedures to address security incidents.” There is one implementation specification: to “identify and respond to suspected or known security incidents; mitigate, to the extent practical, harmful effects of security inci....

Getting Ready for HIPAA Privacy Rules

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: April 2000


What do the proposed privacy regulations mean to HIM professionals—and what can you do now to begin to prepare? The author takes an in-depth look at the proposed rules.
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 is bringing significant changes to the ma....

HIPAA Security Shopping List (HIPAA on the Job)

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: May 2004


Many information security officials are barraged with requests for the latest security tools. Such shopping lists often do not reflect a structured plan or a true risk analysis to justify their cost or human resource requirements. This column describes some of the latest tools, how you can ev....

Primer on Encryption

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: June 2004


Encryption is an addressable implementation specification under HIPAA’s access control and transmission security standards. Many providers are grappling with just how to address these specifications:
Is there a difference between the two specifications, and if so, what is the diff....

1 [2] 3 4 5 6 7 8 9 10 11 12