- Home
- » Health Information Management Main Page
- » Newsletters
- » Briefings on HIPAA
- » Newsletters
- » Health Information Management Main Page
Health Information Management Newsletters
Briefings on APCs Briefings on Coding Compliance Strategies Briefings on HIPAA HIM Briefings

How can you minimize the impact of HIPAA? Subscribe to Briefings on HIPAA, your health information management resource for complying with information privacy & security regulations. Get help with rewriting contracts with business partners, telling patients about how their information is being used, and establishing privacy-conscious business practices.
2016
|
2015
|
2014
|
2013
|
2012
|
2011
|
2010
|
2009
|
2008
|
2007
|
2006
|
2005
|
2004
|
2003
|
2002
|
2001
Issue 12, December 1, 2003 - VIEW THE FULL ISSUE
-
Just the facts: Handling police inquiries and criminal subpoenas
At most health care organizations, subpoenas often concern criminal issues and come from criminal... -
A tough subject: Creating policies for privacy and security breaches
In many HIM and human resources offices, talk of sanctions policies causes discomfort. "We have... -
Case study: How one small health care organization is tightening up security as
Jeffrey Bardin specializes in helping small- and medium-sized health care organizations prepare for... -
HIPAA guidance: Research prescreenings could elicit protected health data, invok
A HIPAA privacy rule guidance issued last month has severely reduced the value of using a review... -
Privacy Primer: How to help your staff understand accounting for disclosures of
The HIPAA privacy regulations give individuals the right to receive an accounting of certain...
Issue 11, November 1, 2003 - VIEW THE FULL ISSUE
-
Small provider finds ways to keep staff interested in HIPAA privacy
There is no one correct way to train staff on HIPAA privacy. In fact, you probably need to use a... -
Use these strategies for measuring privacy compliance plan effectiveness
Measuring privacy program effectiveness will help your organization focus on limited resources... -
Transactions and code sets Q&A with CMS: Is the contingency plan for nonMedicare
Editor's note: The following questions were answered by Karen Trudel, deputy director of the CMS... -
Beware of HIPAA's seven deadly sins
OCR describes its enforcement of HIPAA's privacy rule as limited, complaint-driven, and largely... -
Privacy Primer: Train your staff to respond appropriately to patient requests to
This month's Privacy Primer will discuss the circumstances under which covered entities may deny...
Issue 10, October 1, 2003 - VIEW THE FULL ISSUE
-
Electronic claims rule has both privacy and security implications
With few exceptions, providers must submit all claims to Medicare electronically by October 16... -
Hungerford Hospital teaches staff to have a little R-E-S-P-E-C-T
It's not everyday you see a health information management (HIM) director dressed as Aretha Franklin... -
Q&A with Kate Borten: What is the best approach for facility switchboard operato
Editor's note: Kate Borten, CISSP, addresses readers' questions in this Q&A column. After managing... -
Know what counts as notice when you have to respond to a subpoena
Responding to subpoenas is one of the great banes of the health care industry. Because the industry... -
Avoid five common pitfalls when preparing for security
The final security rule requires covered entities to analyze their risk to determine what... -
Privacy Primer: Train your staff on how to respond to PHI amendment requests-Par
The HIPAA privacy regulations give individuals the right to request amendments to their PHI. These...
Issue 9, September 1, 2003 - VIEW THE FULL ISSUE
-
Don't mistake CMS' recent transactions guidance for a free ride
Editor's note: At the time BOH went to press, the interim final rule for electronic submission of... -
PacificSource Health Plans makes staff training engaging, memorable
A character called "The Regulator" who goes back in time to take on Attila the Hun sounds more like... -
OCR may not be the only HIPAA police
If you ask a privacy official what agency enforces the HIPAA privacy rule, the answer you will most... -
Know how CMS' patient-rights standards relate to privacy rule requirements
CMS' Conditions of Participation for hospitals include the following confidentiality of medical... -
Focus on 'good-faith efforts' when preparing for HIPAA transactions
The Centers for Medicare & Medicaid Services (CMS) has dropped the other shoe. On July 24, 2003... -
Privacy Primer: Train your personnel to provide patients proper access to protec
The HIPAA privacy regulations give individuals the right to inspect and copy their PHI and specify...
Issue 8, August 1, 2003 - VIEW THE FULL ISSUE
-
Know what JCAHO standards say about patient confidentiality
The Office of Civil Rights (OCR) is not currently using surveys to enforce HIPAA's privacy rule... -
Use audits to monitor, enforce compliance with minimum necessary
The privacy rule may not have an auditing requirement, but auditing is the only way to ensure... -
Q&A with Kate Borten: Does HIPAA prohibit faxing?
Editor's note: Kate Borten, CISSP, addresses readers' questions in this Q&A column. After managing... -
Include trading partner provisions in all of your business associate contracts
The final security rule eliminated chain of trust agreements and required covered facilities to add... -
Privacy Primer: Train your personnel to provide patients proper access to protec
The HIPAA privacy regulations give individuals the right to inspect and copy their PHI and specify...
Issue 7, July 1, 2003 - VIEW THE FULL ISSUE
-
Ongoing efforts will help covered entities remain compliant
Your facility could have policies and procedures for every privacy rule requirement, but they must... -
Lee Memorial calls on a hippie named Chip for some help with training
In order to catch the attention of staff members and keep them interested, Lee Memorial centered... -
Follow these strategies for auditing and monitoring HIPAA compliance
Now that your facility has implemented new policies and procedures to comply with HIPAA's privacy... -
Train the trainer for compliance, implementation efforts
Many privacy officials led efforts to provide training to staff before the privacy rule's April 14... -
Tip of the month: Analyze preemption statutes when addressing pyschotherapy note
Take a close look at state laws before developing policies and procedures for complying with the... -
CEO HIPAA transaction alert: Get a contingency plan
Smart health care chief executive officers (CEOs) need to prepare for HIPAA's mandated transition...
Issue 6, June 2, 2003 - VIEW THE FULL ISSUE
-
HHS releases first installment of enforcement rule
The Office for Civil Rights (OCR) encourages voluntary compliance by covered entities, but it can... -
Don't take transactions testing lightly
Contrary to what some facilities believe, the next major HIPAA compliance date is not the security... -
Convey these five key points about HIPAA privacy to your staff
April 14 came and went, but privacy compliance efforts are far from over. Many facilities will... -
Know when the privacy rule permits disclosures to public health authorities
The recent outbreak of severe acute respiratory syndrome (SARS) has left some facilities wondering... -
Fundraising was hard enough before April 14: The privacy rule hits charity wor
Endowments on the nonprofit side of the health care industry have seen better times. Many reflect...
Issue 5, May 5, 2003 - VIEW THE FULL ISSUE
-
Consider using a 'layered' notice of privacy practices
The privacy rule's requirement to provide patients with a notice of privacy practices is meant to... -
Take a performance improvement approach to HIPAA compliance
Don't look at HIPAA as just another costly, burdensome compliance effort. Instead, take a... -
Casa Grande Regional Medical Center uses levels of access to comply with minimum
The privacy rule's minimum necessary standard requires staff to only use PHI necessary to do their... -
White River Health System relies on paper for accounting of disclosures
The final privacy rule requires facilities to account for all disclosures of PHI, except those made... -
Not on your behalf
April may be the cruelest month. The privacy rule went live on the 14, taxes were due on the 15... -
Train your work force to deliver proper notice of privacy practices
In April's Privacy Primer, we discussed the content of a notice of privacy practices required by...
Issue 4, April 1, 2003 - VIEW THE FULL ISSUE
-
Don't mistake addressable requirements to mean optional
Some health care organizations may think they can choose not to implement the final security rule's... -
Hospital staff must review and sign off on sanctions policy
If you know an employee has violated a patient's privacy and do nothing about it, your facility... -
Q&A with Kate Borten: How do you limit patient access to the laboratory reports
Editor's note: Kate Borten, CISSP, addresses readers' questions in this Q&A column. Since managing... -
Can HIPAA survive transactions?
On February 20, HHS published final amendments to the transactions and code sets regulations. The... -
Privacy officials wear many hats; list minimum necessary, policies and procedure
Many privacy officials are responsible for a lot more than HIPAA privacy. According to our recent... -
Privacy Primer: Train health care personnel to understand how to provide a HIPAA
The privacy regulations require certain covered entities to give an individual notice of the uses...
Issue 3, March 1, 2003 - VIEW THE FULL ISSUE
-
Final security rule released
Final security rule released. Editor's note: The final security rule had not been published at... -
Don't let patients mistake OHCAs for partnerships
Organized health care arrangements (OHCAs) can allow health care organizations to manage care in... -
Make HIPAA a part of your facility's PR efforts
Staff aren't the only people you may want to educate about HIPAA. Informing the public about your... -
Define key terms in your notice of privacy practices
Several aspects of the privacy rule, such as what qualifies as "demographic information" and... -
Incorporate some security into your privacy training
Although there are two different rules, it's impossible to completely separate privacy from... -
Poor training can spell disaster for covered entities
Training on privacy policies and procedures should be near the top of every covered entity's... -
Privacy Primer: Make sure your work force understands individual patient rights
The HIPAA privacy regulations grant patients significant rights to understand and control how...
Issue 2, February 1, 2003 - VIEW THE FULL ISSUE
Issue 1, January 1, 2003 - VIEW THE FULL ISSUE
Issue 21, May 28, 2003
-
Interventional procedures cause coding confusion
Interventional radiology procedures allow physicians to pinpoint diagnoses with minimal invasion...
Issue 7, July 28, 2003
-
Privacy Primer: Train staff to respond appropriately to patient requests for res
The HIPAA privacy regulations allow patients to request restrictions on the following uses or...
Issue 2, February 21, 2003
-
Don’t wait another year to work on business associate contracts
Covered entities other than small health plans can continue using existing business associate... -
Establish categories for fundraising, determine how to obtain authorization
Potential donors are everywhere—and your facility needs an organized approach to determine... -
Final transactions and code sets changes are still in limbo
Despite the fact that the final transactions and code sets changes were not published on December... -
Focus on maintaining strong customer service when handling patient complaints
Responding to complaints of privacy breaches quickly and compassionately is the first step to... -
Legal disclosures: Know what the privacy rule says about responding to subpoen
By Edward F. ShayHealth care providers and health plans routinely receive subpoenas seeking the... -
Train staff on de-identification of health information and limited data sets to
By William H. Roach Jr., MS, JD, of Gardner Carton & DouglasThe HIPAA privacy rule permits...
Issue 1, January 21, 2003
-
Focus on patient interaction, minimum necessary when training pharmacy staff
If your facility has a pharmacy, its staff probably don’t have to worry about many privacy... -
OCR focuses on voluntary compliance, provides guidance
The vast majority of complaints to the Office for Civil Rights (OCR) are resolved through informal... -
Pay attention to HIPAA’s hidden private right of action
By Edward F. ShayThe conventional wisdom about enforcement of HIPAA’s privacy standards is... -
Prepare for privacy by addressing security
Editor’s note: BOH went to print prior to December 27, 2002, the day HHS identified for... -
Privacy Primer: Train fundraising staff on how much PHI they can use
By William H. Roach Jr., MS, JD, of Gardner Carton & DouglasFor many health care providers... -
Work with other organizations to prepare for transactions and code sets
Collaborating on transactions and code sets compliance with other organizations will allow you to...