Author: Hughes, Gwen

Source: AHIMA practice brief | Journal of AHIMA

Publication Date: November 2002

This practice brief has been updated. See the latest version here. This version is made available for historical purposes only.

Author: Hughes, Gwen

Source: AHIMA practice brief | Journal of AHIMA

Publication Date: May 2001

This practice brief has been updated. See the latest version here. This version is made available for historical purposes only.

Author: Hughes, Gwen

Source: AHIMA practice brief | Journal of AHIMA

Publication Date: May 2001

This practice brief has been updated. See the latest version here. This version is made available for historical purposes only.

Author: Hughes, Gwen

Source: AHIMA Q and A | Journal of AHIMA

Publication Date: February 2002

Q: What factors should my organization consider when contracting with a HIPAA consultant?


A: The six recommendations below, though not exhaustive, will help your organization select the right HIPAA consultant.


1. Clearly define the work product. Prior to recruitin....

Author: Hughes, Gwen

Source: AHIMA practice brief | Journal of AHIMA

Publication Date: January 2002

This practice brief has been updated. See the latest version here. This version is made available for historical purposes only.

Author: Hughes, Gwen

Source: Journal of AHIMA

Publication Date: October 2002

Many HIM professionals will be called upon to perform an extraordinary feat during the next six months. They will be asked to bring one or more organizations into compliance with the HIPAA privacy rule by April 14, 2003. While this task is challenging in organizations that began such efforts a....

Author: Hughes, Gwen

Source: AHIMA practice brief | Journal of AHIMA

Publication Date: May 2001

This practice brief appendix has been updated. See the latest version here. This version is made available for historical purposes only.

Author: Hughes, Gwen

Source: Journal of AHIMA

Publication Date: May 2001

Q: I understand that inexpensive password recovery software can allow an unauthorized user to recover or crack someone else's password. If passwords are that easy to crack, are they worthwhile?



Q: Does the new HIPAA privacy rule require hospitals to obtain patient....

Author: Hughes, Gwen

Source: Journal of AHIMA

Publication Date: July 2002

Privacy rule implementation teams have a dilemma.


The Department of Health and Human Services (HHS) recently proposed amendments to the HIPAA privacy rule aimed at correcting problems related to its implementation. HHS gave the public until April 26 to provide comments. Based....

Author: Hughes, Gwen; Smith, Cheryl M.

Source: AHIMA practice brief | Journal of AHIMA

Publication Date: November 2001

This practice brief has been updated. See the latest version here. This version is made available for historical purposes only.

Author: Humphrey, Heather L.

Source: Journal of AHIMA

Publication Date: February 2005

A few years ago, the Y2K crisis refocused the data world. Suddenly medical device manufacturers saw the inherent risks data brought to the business industry. What began with answering a simple question about date functionality quickly moved to conversations about personal information, its appr....

Author: Hutchins, Sheri

Source: Journal of AHIMA

Publication Date: November 2007

Nearly five years after its implementation, HIPAA’s minimum necessary standards continue to be problematic for many organizations. A recent report released by the Agency for Healthcare Research and Quality confirms the ongoing confusion over interpretation of the requirement.1

....

Author: Ingram-Muhammad, Sybil

Source: Journal of AHIMA

Publication Date: February 2002

How far along the road to compliance with the HIPAA privacy regulation is your organization? This article tells you the steps you should be taking to get in compliance by the April 2003 deadline.

It is February 2002—14 months before your organization has to be compliant with th....

Author: Jacobs, Jodi

Source: In Confidence (newsletter)

Publication Date: June 02, 2003

Oral privacy is not a new need or requirement in healthcare. However, because it is now backed by a federal mandate, it is receiving newfound attention. With the passing of the April 14, 2003, deadline for HIPAA compliance, hospitals, pharmacies, clearinghouses, physician’s offices, military....

Author: Jones, Rhys W.

Source: In Confidence (newsletter)

Publication Date: January 02, 2001

Background


The Health Insurance Portability and Accountability Act (HIPAA) and its related transaction, security, and privacy regulations apply directly to certain entities, but not to all recipients of health information. The regulations define three classes of “covered enti....

Author: Kawles, Terrance L.

Source: Journal of AHIMA

Publication Date: July 2003

As the leading edge of digital portability advances, the protections afforded the “portability” portion of HIPAA become strained. Under the final security standards, covered entities (CEs) must establish procedures and mechanisms to protect the confidentiality, integrity, and availab....

Author: Keating, Angie Singer

Source: Journal of AHIMA

Publication Date: July 2005

The unauthorized use of confidential or sensitive information contained on computer hard drives is a serious problem facing most healthcare organizations. Organizations that do not require proper hard-drive sanitation as part of their total information destruction program face regulatory viola....

Author: Keough, Tim

Source: Journal of AHIMA

Publication Date: February 2004

Remote coding offers big benefits and unique security challenges. Here’s how one organization moves patient data securely across the Internet.

"Whatever, in connection with my professional practice, or not in connection with it, I see or hear, in the life of men, which ought....

Author: Klasa, Marge

Source: AHIMA Convention

Publication Date: October 21, 2005

Introduction

Maintaining the privacy and security of patient health information (PHI) is not only best practice, it is a HIPAA mandate for all Covered Entities (CE).1  But how does the CE know if its Business Associates (BA) and vendors agree to protect and secure patients’ PH....

Author: Klein, Jim

Source: AHIMA Convention

Publication Date: October 10, 2001

Introduction

Organizations covered under the Proposed Security Standards1 (the Draft Standard) are facing important regulatory compliance decisions for operational, technical, clinical, and administrative components of their enterprise. With the promulgation of the final Security Stand....

Author: Kloss, Linda L

Source: Journal of AHIMA

Publication Date: February 2001

While all regulations under the Health Insurance Portability and Accountability Act (HIPAA) directly affect how we manage health information, the privacy regulations are central for HIM professionals. It has always been our privilege to serve as patient advocates for information priv....

Author: Kloss, Linda L

Source: AHIMA testimony and comments

Publication Date: May 17, 2001

Thursday, May 17, 2001

Good morning, I am Linda Kloss, chief executive officer of the American Health Information Management Association (AHIMA). On behalf of the Association, I thank you for this opportunity to provide input on replacing the ICD-9-CM procedural coding system with ICD-10-....

Author: Kloss, Linda L

Source: AHIMA testimony and comments

Publication Date: January 20, 2000

January 20, 2000


U. S. Department of Health and Human Services

Assistant Secretary for Planning and Evaluation

Attention: Privacy-P

Room G-322A Hubert H. Humphrey Building

200 Independence Avenue, SW

Washington, D. C. 20201

Author: Kloss, Linda L

Source: Journal of AHIMA

Publication Date: April 2004

The past year has been a remarkable one for highly public challenges to privacy of personal health information. Access to records has been sought for presidential candidates and in high-profile cases such as Michael Jackson, Rush Limbaugh, and Kobe Bryant. The Department of Justice is attempti....

Author: Kloss, Linda L

Source: Journal of AHIMA

Publication Date: February 2003

Ten years ago, AHIMA drafted model federal legislation to protect confidential medical record information. We aimed to raise Congress’ awareness that protection for this most personal information was sorely lacking and that the absence of uniform legal protection was a barrier to the use....

Author: Kubas, Debbie; Buck, Shawna

Source: AHIMA Convention

Publication Date: October 21, 2005

Rules for HIPAA-compliant electronic transactions were finalized on October 16, 2000. The finalized HIPAA transaction standards required that claims filed electronically after October 16, 2002 (or after October 16, 2003, if you filed for an extension) had to be in the HIPAA-compliant electroni....

Author: LaMoureaux, LaVonne

Source: AHIMA testimony and comments

Publication Date: March 09, 2004

Author: Lawson, Jayne W.

Source: HIPAA Conference 2000

Publication Date: March 14, 2000

2000 HIPAA Conference Presentation
Performing a Baseline Security Assessment
Presented By Jayne W. Lawson, RHIA, Information Security Manager, Hartford Hospital Awareness and Accountability
Designate staff/team responsible for overseeing review process Determine sponsorship Educate h....

Author: Lazarus, Steven S.

Source: HIPAA Conference 2000

Publication Date: 2000

2000 HIPAA Conference Presentation
Implementing Unique Health Identifiers/Preparing for Claims Attachments
Presented by Steven S. Lazarus, PhD, FHIMSS, Boundary Information Group AGENDA
Agenda HIPAA Claims Attachment Status Standards Functionality Action Steps
INTRODUCTION-- BO....

Author: Lee, Michael R.

Source: Journal of AHIMA

Publication Date: April 2003

In the event of a privacy-related legal challenge, the content of your organization’s notice of privacy practices (NPP) will be a focal point for both plaintiff and defense arguments with respect to the protected health information (PHI) disclosure activities of your organization. Is your....

Author: Lewis, Sharon; McLendon, Kelly

Source: Journal of AHIMA

Publication Date: October 2015

HIPAA uses the term “satisfactory assurances” four times in the text of its Privacy and Security Rules. Each time the statement is used it describes a covered entity’s (CE) responsibility to obtain satisfactory assurances from a business associate who creates, receives, maintains, or tran....

Author: Lieteau, Triste

Source: In Confidence (newsletter)

Publication Date: September 02, 2002

Since the publication of the final modifications to the HIPAA privacy rule in the Federal Register on August 14, 2002, many healthcare providers have been working diligently to understand the proposed revisions and their impact on HIPAA compliance efforts already underway.While some of the mo....

Author: Lucci, Susan; Walsh, Tom

Source: Journal of AHIMA

Publication Date: November 2015

One of the most alarming statistics in the news, which is growing with intent and severity, is the prevalence of cyber-attacks, particularly in healthcare. It is an alarming trend that has gained a good deal of attention. For example, in July 2015, UCLA reported that up to 4.5 million pati....

Author: Malek, Linda A.; Krex, Brian

Source: In Confidence (newsletter)

Publication Date: November 02, 2002

The privacy regulations promulgated pursuant to the Health Insurance Portability and Accountability Act of 1996 (the privacy regulations) will clearly have a tremendous impact on most healthcare entities. However, the effect of the privacy regulations on mental health providers with respect t....

Author: Malone, Molly

Source: In Confidence (newsletter)

Publication Date: December 02, 2003

The electronic transmission of healthcare information and outsourcing transcription is becoming commonplace. While many had previously taken the stance that “everybody’s doing it,” HIPAA has added a new dimension to the working lives of health information managers and medical transcription se....

Author: Mandell, Steve; Manny, Barbara

Source: AHIMA Convention

Publication Date: September 23, 2002

Author: Marsh, Carmilla

Source: Journal of AHIMA

Publication Date: February 2002

Release of information is a perennial challenge for HIM professionals in all care settings. However, long-term care offers some special challenges, especially in the light of the HIPAA privacy rule published in December 2000 (with a compliance date of April 2003). This article reviews the basi....

Author: McDavid, Jan P

Source: Journal of AHIMA

Publication Date: May 2013

Business associates (BAs) of HIPAA-covered entities like hospitals and doctor's offices should already be intimately acquainted with HIPAA's privacy and security regulations. BAs should already have business associate agreements with every covered entity with whom they work and assume resp....

Author: McLaughlin, Mark

Source: Journal of AHIMA

Publication Date: January 2001

HIPAA's provisions have brought healthcare clearinghouses into the spotlight. What is a clearinghouse, and how is its role affected by the new regulations? This article answers these questions.

A clearinghouse is typically used to collect, validate, and distribute insurance c....

Author: McLendon, Kelly

Source: AHIMA Convention

Publication Date: September 23, 2002

Author: McLendon, Kelly

Source: Journal of AHIMA

Publication Date: March 2012

There has been a lack of enforcement of the privacy and security rules ever since HIPAA's inception. As such the adoption of comprehensive HIPAA compliance programs has lagged behind EHR development and implementation.

This in turn has caused little funding to be budgeted by provide....

Author: McLendon, Kelly

Source: Journal of AHIMA

Publication Date: October 2014

The US Department of Health and Human Services (HHS) continues to look for avenues to allow greater patient access to their own health information so that they may be more active in their healthcare management. HHS recently created final rules that remove the Clinical Laboratory Improveme....

Author: McLendon, Kelly; Rose, Angela Dinh

Source: AHIMA practice brief

Publication Date: October 2013

Editor's note: This update supplants the February 2011 practice brief "Notice of Privacy Practices."


Timely, accurate, and complete health information must be collected, maintained, and made available to members of an individual's healthcare team so that members of the team can a....

Author: McSteen, Thomas

Source: Journal of AHIMA

Publication Date: September 2013

The 2013 HIPAA Omnibus Rule marks a key milestone for implementation of the 2009 Health Information Technology for Economic and Clinical Health Act (HITECH). One of the most far-reaching impacts of HITECH and the Omnibus Rule is that business associates (BA) and their subcontractors now mu....

Author: Miaoulis, William M

Source: Journal of AHIMA

Publication Date: March 2010

The Health Information Technology for Economic and Clinical Health (HITECH) Act significantly changes how organizations will address the access, use, and disclosure of protected health information (PHI). It also establishes a national breach notification requirement when information is accesse....

Author: Miaoulis, William M

Source: AHIMA practice brief

Publication Date: November 2013

Editor’s note: This update replaces the April 2004 and the November 2010 practice briefs titled “A HIPAA Security Overview.”


The HIPAA security rule has remained unchanged since its implementation more than a decade ago. However, the Health Information Technology for Economic a....

Author: Mikels, Debbie

Source: AHIMA Convention

Publication Date: October 15, 2004

Abstract

This article reviews successful strategies in preparing for HIPAA Privacy compliance. There are ongoing challenges organizations will face after the compliance date, such as managing research issues, identifying all business associates, and managing the accounting of disclosures....

Author: Miller, Judith A.

Source: In Confidence (newsletter)

Publication Date: November 02, 2003

Advocate Health Care is a large, fully integrated not-for-profit healthcare delivery system in metropolitan Chicago. Many months prior to the April 14, 2003, deadline, Advocate began preparing for the HIPAA privacy compliance deadline.When April 14 arrived, Advocate’s associates and physician....

Author: Miller, Susan A

Source: HIPAA Conference 2000

Publication Date: March 14, 2000

2000 HIPAA Conference Presentation
HIPAA Electronic Transactions
Presented by Susan A. Miller, Esquire, Corporate Regulatory & Compliance Manager, IDX Systems Company HIPAA Summary
Title II, Subtitle F—Administrative Simplification of the Health Insurance Portability and Accoun....

Author: Moynihan, Jim

Source: Journal of AHIMA

Publication Date: January 2010

Vendors will bear the brunt of work tied to the industry’s migration to version 5010 of the X12 HIPAA transaction standards. However, providers are responsible for identifying their systems in need of upgrade, getting software installed and tested, and training staff in new functionalities. Wh....