Search Results

= Members only

Current search

573 results.

1 2 3 [4] 5 6 7 8

Moving Toward a Unified Information Security Program

Author: Ruano, Michael

Source: Journal of AHIMA

Publication Date: January 2003


Is your organization up to the challenge of creating a unified information security program?


A unified information security program has been all but mandated for healthcare organizations by the federal government. HIPAA requires that electronic, paper, and oral patient identif....

Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the Health Information Technology for Economic and Clinical Health Act and the Genetic Information Nondiscrimination Act; Other Modifications to the HIPAA Rules; Final Rule

Author: U.S. Office for Civil Rights

Source: U.S. Department of Health & Human Services | U.S. Office for Civil Rights

Publication Date: January 2013

Rule modifies HIPAA by implementing statutory amendments under HITECH to strengthen the privacy and security protection for individuals’ health information; modifies the Breach Notification Rule under the HITECH Act, modifes the HIPAA Privacy Rule to strengthen the privacy protections for genetic information and makes certain other modifications to the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (the HIPAA Rules) to improve their workability and effectiveness and to increase flexibility for and decrease burden on regulated entities.

Mind Your Business Associate Access: Six Steps

Author: Sullivan, Tori E.

Source: Journal of AHIMA

Publication Date: October 2002


It's April 10, 2003, and a privacy officer is reviewing her policies for the imminent privacy regulations, title II of the Health Insurance Portability and Accountability Act (HIPAA) of 1996. The compliance deadline is April 13, 2003, and she is already feeling stressed about meeting the date.....

Measuring HIPAA's Impact (HIPAA on the Job)

Author: Fuller, Sandra R.

Source: Journal of AHIMA

Publication Date: February 2001




As children, most of us stood against a door frame while our parents recorded our height and the date on the wall. These marks climbed each year as reminders of the changes we were experiencing. When relatives visited, we proudly showed off our progress to adulthood.

These....

Marketing Privacy: HIPAA's New Sales Pitch

Author: Rhodes, Harry B.

Source: AHIMA Convention

Publication Date: October 10, 2001



Background

Direct marketing is the direct contact between a seller and a consumer. This type of targeted marketing has gained wide popularity as a marketing strategy in the late 20th century because it can be addressed directly. With increasing amounts of specific information avai....

Managing HIPAA as Gatekeeper

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: September 2004


An unfortunate result of the HIPAA privacy rule is the emerging use of HIPAA as a gatekeeper, restricting the appropriate fl ow of protected health information (PHI). HIPAA is being cited as a reason not to disclose information without patient permission when needed for treatment, payment, or....

Managing Exceptions to HIPAA's Patient Access Rule

Author: Hughes, Gwen

Source: Journal of AHIMA

Publication Date: October 2001




The HIPAA final privacy rule requires that covered entities allow individuals to access the medical and billing records maintained about them. However, the rule describes 10 exceptions. Accordingly, healthcare providers must establish a way to identify the medical and billing records....

Making Your Data Warehouse HIPAA Compliant

Author: Reinke, Brian

Source: In Confidence (newsletter)

Publication Date: July 02, 2002


Now a proven technology, data warehousing is entering into widespread use. Detailed patient records of many organizations are now being electronically archived using data warehousing. The goal of using this computer technology is to retain information for years so it can be used for various m....

Making Amendments Meaningful

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: February 2005


Now that we’re well entrenched in compliance with the privacy rule and headed toward the electronic health record (EHR), the personal health record (PHR), and regional health information organizations (RHIOs), amendments may seem like a mundane topic. But, as this article explains, it is....

Low-Tech Threats in a High-Tech World

Author: Rollins, Genna

Source: Journal of AHIMA - website

Publication Date: April 2011



Despite the rise of health IT, healthcare providers still face daily privacy and security risks of the mundane variety—paper records are misplaced, improperly disclosed, or released without confidential information redacted. No matter the opportunities and risks that technology bring....

Lessons Learned from a Security Assessment

Author: Cummings, Judy

Source: HIPAA Conference 2000

Publication Date: March 14, 2000

2000 HIPAA Conference Presentation
Lessons Learned from a Security Assessment
Presented by Judy Cummings, Senior Manager, Strategic Development
Sharp Healthcare Information Systems Presentation Overview
After this presentation, you will know these things about a security assessm....

Leading the HIPAA Privacy Risk Assessment

Author: Callahan-Dennis, Jill

Source: AHIMA Convention

Publication Date: October 10, 2001




Introduction and Background

As part of their preparations for compliance with the Health Insurance Portability and Accountability Act (HIPAA), healthcare organizations need to compare their current information-handling and information-disclosure practices to the requirement....

Law Changes Patient Access to Clinical Lab Reports

Author: McLendon, Kelly

Source: Journal of AHIMA

Publication Date: October 2014



The US Department of Health and Human Services (HHS) continues to look for avenues to allow greater patient access to their own health information so that they may be more active in their healthcare management. HHS recently created final rules that remove the Clinical Laboratory Improveme....

Kick Starting the Security Risk Analysis

Author: Amatayakul, Margret

Source: Journal of AHIMA

Publication Date: July 2004


Many covered entities are just now starting to approach the compliance aspects of the HIPAA security rule. Why discuss “compliance aspects” and not standards or controls, as we did when preparing for the privacy rule? Privacy and security are long-standing concepts to healthcare,....

Kaiser Permanente Approach

Author: Cooper, Ted

Source: HIPAA Conference 2000

Publication Date: March 14, 2000

2000 HIPAA Conference Presentation
Organizing the Effort
Case Study: The Kaiser Permanente Approach
Presented by Ted Cooper, MD, National Director, Confidentiality & Security, Kaiser Permanente Kaiser Permanente
Kaiser Foundation Health Plan Kaiser Foundation Hospitals Region....

Journal Q&A (9/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: September 02, 2003

Q: Under HIPAA, how should covered entities respond to requests from public health officials who state that they need protected health information (PHI) to carry out their duties?

A: The privacy rule recognizes that PHI may be needed to respond to threats to public health, including the....

Journal Q&A (9/01)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: September 02, 2001

Q: Because HIPAA gives patients the right to copy their medical records, does my facility have to supply a copy machine for this purpose or allow patients to take their records to a copy center?

A: According to section 164.520 of the HIPAA final privacy rule, an individual has "the ri....

Journal Q&A (9/01)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: September 02, 2001

Q: My facility's records contain a variety of psychiatric documentation including therapists' notes from their treatment sessions with patients. How can I determine what requires special protection under HIPAA? Do I need to separate some of the documentation from the medical record? Currently all p....

Journal Q&A (7/02)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: July 02, 2002


Q: I have requested the immunization records from a patient’s former healthcare provider with the patient’s written permission. The former healthcare provider refuses to send the immunization records because the patient has a balance on the account. Is this legal?


A:....

Journal Q&A (7/02)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: July 02, 2002


Q: I work in a clinic setting. An attorney has requested copies of a patient’s entire record. The record includes reports dictated by one of the clinic physicians at a local hospital during the patient’s hospitalization. The attorney has the patient’s permission. Are we allowed....

Journal Q&A (6/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: June 02, 2003

Q: Under the privacy rule, how should a physician’s office handle a request from parents for a written statement recommending limitation of their child’s activities at school?

A: Most covered entities have policies requiring written requests or authorizations for disclosure of....

Journal Q&A (6/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: June 02, 2003

Q: What are a covered entity’s legal responsibilities when a former employee breaches confidentiality of information gained during his or her employment period?

A: Individual state laws would affect the outcome of litigation if charges were pressed through civil action. If the organ....

Journal Q&A (6/02)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: June 02, 2002

Q: Our facility is developing our notice of privacy practices under HIPAA. We need to decide how we will communicate with individuals when we make changes to our notice. What are the acceptable methods for communicating with our patient population? Do we have to send a paper copy to everyone whose....

Journal Q&A (5/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: May 02, 2003


Q: What is an organized health care arrangement (OHCA) and what are its advantages?


A: The privacy rule defines an OHCA as:

a clinically integrated care setting in which individuals typically receive healthcare from more than one healthcare provider

an org....

Journal Q&A (5/02)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: May 02, 2002

Q: In light of HIPAA restrictions on protected health information, I’m concerned about our HIM department’s practice of accepting HIM students for professional practice experience. What should be considered in deciding whether to continue this practice?


A: HIPAA’s pr....

Journal Q&A (5/01)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: May 02, 2001

Q: Does the new HIPAA privacy rule require hospitals to obtain patient consent prior to sending copies of dictated reports and test results to the patient's physician?

A: Unless the HIPAA privacy rule published on December 28, 2000 (45 CFR Parts 160 through 164) is modified by the Bush ad....

Journal Q&A (4/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: April 02, 2003

Q: Is it legal for our facility to provide an individual with an abbreviated version of the notice of privacy practices with the full version available only upon request?

A: If an abbreviated version of the notice is given to an individual, it must contain all the required elements from....

Journal Q&A (4/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: April 02, 2003

Q: Does reporting cancer surveillance to the state have to be tracked under the accounting of disclosure requirement in the HIPAA privacy rule?

A: Reporting cancer surveillance to a state agency does require tracking under HIPAA. State laws should be checked to determine if the other typ....

Journal Q&A (4/02)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: April 02, 2002

Q: I have been asked to identify all of my organization’s business associates so we can update their contracts prior to the April 2003 HIPAA privacy rule compliance date. Unfortunately, existing contracts are not maintained in one place. How should I tackle this project?


A: At....

Journal Q&A (3/02)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: March 02, 2002

Q: We have a transcriptionist who picks up tapes, transcribes them off-site, and returns them each day. Is this practice legal under HIPAA?


A: The HIPAA privacy rule does not prohibit the use of tapes for dictation, nor the use of an outside transcription vendor. The privacy rule do....

Journal Q&A (3/02)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: March 02, 2002

Q: Does the individual to whom a patient has granted durable power of attorney for financial matters have the right to access and authorize use or disclosure of the patient’s protected health information (PHI) under HIPAA?


A: An individual granted durable power of attorney for....

Journal Q&A (2/04)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: February 02, 2004

Q: Can you explain the difference between the terms “addressable” and “required” as they are used in the final security rule?
A: The final security rule and the privacy rule use the terms “standards” and “implementation specifications.” Standards....

Journal Q&A (11/04)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: November 02, 2004


Q: As a covered entity, do I need to have satisfactory assurance (as required by HIPAA) that an individual has been notified when I am served with a search warrant for a patient's protected health information (PHI)?
A: No. A search warrant is issued by a judge and is considered the same a....

Journal Q&A (11/01)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: November 02, 2001


Q: Where can I find the updated data elements and data definitions for the Uniform Hospital Discharge Data Set (UHDDS)?

A: At this time, the 1986 UHDDS data elements and definitions are not available electronically though the information is considered to be in the public domain. The fi....

Journal Q&A (11/01)

Author: AHIMA Staff

Source: AHIMA Q and A

Publication Date: November 02, 2001


Q: Where can I find an easy-to-use glossary for terms in the HIPAA regulations?


A: The Workgroup for Electronic Data Interchange (WEDI) has compiled an alphabetic glossary of HIPAA terms and definitions. It is approximately 24 pages long and can be downloaded from the WEDI Web sit....

Journal Q&A (1/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: January 02, 2003

Q: When is it legal to disclose protected health information (PHI) to clergy?


A: If the individual is informed in advance of the possible disclosure and has the opportunity to object, the HIPAA privacy rule allows a covered entity to disclose directory information to clergy. Directo....

Journal Q&A (1/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: January 02, 2003

Q: Is faxing patient information legal under HIPAA?
A: If the covered entity is permitted to release the information (for treatment purposes or by authorization, for example), then using a fax machine is allowed. The privacy rule requires the entity to provide appropriate administrative, techn....

Journal Q&A (1/03)

Author: AHIMA Professional Practice Team

Source: AHIMA Q and A

Publication Date: January 02, 2003

Q: Does HIPAA allow clinicians in our home health facility to pull their own records?
A: Your facility must make a reasonable effort to limit the access of your clinicians to the PHI they need to perform their duties. You will have to determine what policies are reasonable. As employees, the c....

It's Time to Finalize Your Privacy Policies

Author: Dougherty, Michelle

Source: Journal of AHIMA

Publication Date: November 2002


You've attended seminars, read articles, outlined systems, and developed forms for implementing the privacy rule, but there is still one step left--actually writing the policies and procedures. For many practitioners, policies and procedures are important but are often put off, then forgotten.....

Is Your NPP Your Best Defense?

Author: Lee, Michael R.

Source: Journal of AHIMA

Publication Date: April 2003


In the event of a privacy-related legal challenge, the content of your organization’s notice of privacy practices (NPP) will be a focal point for both plaintiff and defense arguments with respect to the protected health information (PHI) disclosure activities of your organization. Is your....

Information Security

Author: Tang, Paul C.

Source: HIPAA Conference 2000

Publication Date: March 14, 2000

2000 HIPAA Conference Presentation
Information Security
Presented by Paul Tang, MD Information Systems Security
NRC Definition Security is the protection of information systems against unauthorized access to or modification of information, whether in storage, processing, or transit,....

Information Governance for Offsite Data Security

Author: Saharia, Devendra

Source: Journal of AHIMA

Publication Date: April 2016



Disruptive technology can turn any industry on its head—virtually overnight. Just five years ago, summoning a taxi was an inefficient, time-consuming effort that often involved dialing up a dispatcher, who contacted a driver, who would then make their way to your location, perhaps in an h....

Industry Awaits Phase 2 of HIPAA Audit Program

Author: Asmonga, Donald D.

Source: Journal of AHIMA

Publication Date: January 2015



The wait for the second round of mandated privacy and security audits from the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) continues. OCR is currently working through final details for the revised audit plan as they await finalization of new technolog....

1 2 3 [4] 5 6 7 8