Breaking down OCR's HIPAA hotspots
HIM-HIPAA Insider, August 22, 2011
The Office for Civil Rights (OCR) has revealed the top areas of interest on its HIPAA privacy and security compliance radar.
Adam Greene, former senior health information technology and privacy advisor at OCR and now partner at the law firm Davis Wright Tremaine in Washington, D.C., recently discussed each hot topic with HealthLeaders Media.
Hotspot: Incident detection and response (OCR’s top issue)
Greene: I recommend both a top-down and bottom-up approach. From the top, covered entities and business associates should evaluate whether they are reasonably logging system activities and reviewing those logs in a way that is reasonably likely to detect impermissible uses and disclosures.
From the bottom, covered entities and business associates should ensure that all staff who have access to PHI are reasonably trained to be able to spot an impermissible use or disclosure and report it to the appropriate person. The HITECH Act makes clear that the entire organization is treated as knowing of a breach if anyone, other than the person who committed the impermissible use or disclosure, knows of the breach.
Read more on HIPAA Update.
Related Products
-
Briefings on APCs
Worried about the complexities of the new rules under OPPS and APCs? Briefings on APCs helps you understand the new rules...
-
Medical Records Briefing
Guiding Health Information Management professionals through the continuously changing field of medical records and toward a...
-
Briefings on Coding Compliance Strategies
Submitting improper Medicare documentation can lead to denial of fees, payback, fines, and increased diligence from payers...
-
Briefings on HIPAA
How can you minimize the impact of HIPAA? Subscribe to Briefings on HIPAA, your health information management resource for...
-
APCs Insider
This HTML-based e-mail newsletter provides weekly tips and advice on the new ambulatory payment classifications regulations...
Most Popular
- Articles
-
- Note from Hugh
- Note from the instructor: CMS clarifies payment amount to be applied to payment caps and manual review thresholds for outpatient therapy services provided by critical access hosptials
- Steps to comply with HIPAA 2.0: Revise your policies and procedures
- Recent Recovery Auditor activity
- The week in Medicare updates
- Steps to comply with HIPAA 2.0: Revise your policies and procedures
- Citing HIPAA, CVS to end prescription reminders via mail
- ACDIS/AHIMA brief provides guidance on query best practices
- Change your EMR to prepare for ICD-10
- 2014 Hospice Proposed Rule Released
- E-mailed
-
- Note from the instructor: CMS clarifies payment amount to be applied to payment caps and manual review thresholds for outpatient therapy services provided by critical access hosptials
- Q&A: Focused professional practice evaluation (FPPE)
- Change your EMR to prepare for ICD-10
- Solidify processes to avoid HAC penalties
- Citing HIPAA, CVS to end prescription reminders via mail
- 2014 IPPS Proposed Rule: CMS focuses on quality measures, inpatient status
- 2014 Hospice Proposed Rule Released
- HCA initiative boosts flu shots among hospital workers
- Managing the precertification process
- Physician orientation: An essential retention tool
- Searched