Breaking down OCR's HIPAA hotspots
HIM-HIPAA Insider, August 22, 2011
The Office for Civil Rights (OCR) has revealed the top areas of interest on its HIPAA privacy and security compliance radar.
Adam Greene, former senior health information technology and privacy advisor at OCR and now partner at the law firm Davis Wright Tremaine in Washington, D.C., recently discussed each hot topic with HealthLeaders Media.
Hotspot: Incident detection and response (OCR’s top issue)
Greene: I recommend both a top-down and bottom-up approach. From the top, covered entities and business associates should evaluate whether they are reasonably logging system activities and reviewing those logs in a way that is reasonably likely to detect impermissible uses and disclosures.
From the bottom, covered entities and business associates should ensure that all staff who have access to PHI are reasonably trained to be able to spot an impermissible use or disclosure and report it to the appropriate person. The HITECH Act makes clear that the entire organization is treated as knowing of a breach if anyone, other than the person who committed the impermissible use or disclosure, knows of the breach.
Read more on HIPAA Update.
- Woman shoots herself at Fort Knox hospital
- Welcome to the new and improved APCs Insider!
- Differentiate between types of wound debridement
- OB services: Coding inside and outside of the package
- Note similarities and differences between HCPCS, CPT® codes
- CMS proposes change to two-midnight rule
- What does case-mix index mean to you?
- ICD-10 tip: Coding for infectious and parasitic diseases
- Injections and infusions continue to confuse coders
- The perils of cut-and-paste documentation
- Q&A: Coding for palliative care
- Q&A: The opening conference
- Note from the Instructor: Billing for Preventive Services in a Rural Health Clinic
- News: CMS debuts web page for ICD-10 CC and MCC lists
- Ensure coding accuracy by following rules for selecting a principal diagnosis
- Auditing for coding mistakes on outpatient orthopedic cases
- AMA clarifies its intent with ICD-10 grace period
- 2015 IPPS Final Rule released