TIP: Establish safeguards to prevent a breach
HIPAA Weekly Advisor, November 23, 2009
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Editor’s note: This is the first in a series of tips in HIPAA Weekly Advisor about preventing breaches. HHS on August 19 released its interim final rule on breach notification of unsecure protected health information (PHI). The PHI breach notification regulations took effect September 23. However, HHS will not enforce the rule until February 22, 2010.
Andrew E. Blustein, Esq., partner and cochair of Garfunkel, Wild & Travis’ Health Information and Technology Group in Great Neck, NY; Hackensack, NJ; and Stamford, CT, offers these tips for establishing appropriate technical safeguards to protect patient information.
- Require encryption for laptops and other portable devices.
- Establish remote access roles specific to applications and business requirements.
- Prohibit the installation of unsecured “homemade” software on laptops.
- Develop policies regarding the protection of patient information transmitted from remote locations.
This material is an excerpt from the HCPro, Inc., white paper, “HHS Breach Notification Interim Final Rule. Form Your Incident Response Team, Set Policies and Procedures to Comply with New Federal HIPAA Regulations.”
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Topic: CMS, OESS post new security compliance review information, checklist
- HIPAA Q&A: Level of encryption needed for email
- Capturing all necessary codes for IUD insertion and removal can be challenging
- Identify potential Medicaid RAC target areas
- What does case-mix index mean to you?
- QA:Coding multiple initial infusions
- OB services: Coding inside and outside of the package
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- Q&A: Follow CMS' coding guidelines when using modifier -25
- Catch up on what's new with injections and infusions
- CMS has reformulated payments for some bilateral procedures
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- What does case-mix index mean to you?
- CHANGES COMING: Key differences in nationwide rollout
- Searched