- Home
- » Health Information Management Main Page
- » Newsletters
- » Briefings on HIPAA
- » Newsletters
- » Health Information Management Main Page
Health Information Management Newsletters
Briefings on APCs Briefings on Coding Compliance Strategies Briefings on HIPAA HIM Briefings

How can you minimize the impact of HIPAA? Subscribe to Briefings on HIPAA, your health information management resource for complying with information privacy & security regulations. Get help with rewriting contracts with business partners, telling patients about how their information is being used, and establishing privacy-conscious business practices.
2016
|
2015
|
2014
|
2013
|
2012
|
2011
|
2010
|
2009
|
2008
|
2007
|
2006
|
2005
|
2004
|
2003
|
2002
|
2001
Issue 12, December 1, 2006 - VIEW THE FULL ISSUE
-
Prepare ahead of time for security incidents
Section 164.308 (6) of the security rule requires your organization to establish policies and... -
ISO involvement central to EHR transition
Information security officers (ISO) in healthcare institutions today encounter a variety of medical... -
Work with marketing to ensure compliance
It's a familiar business fact that it's much easier and cheaper to sell to your existing customers... -
JCAHO's confidentiality, security standards reflect HIPAA
When it comes to patient confidentiality and information security, organizations have a lot more... -
Highlights from the latest NPI roundtable
The May 23, 2007, NPI compliance date is fast approaching, and providers still have a lot of...
Issue 11, November 1, 2006 - VIEW THE FULL ISSUE
-
Address patient privacy when going electronic
The transition from paper to electronic health records (EHR) brings many advantages, including... -
Security compliance depends on work force training
The HIPAA privacy and security rules require your organization to adopt a variety of policies and... -
New Orleans hospital puts care first when faced with disaster
When Hurricane Katrina hit New Orleans in August 2005, it left Children's Hospital closed for six... -
Information security officer has a diverse role in HIE
If your organization is considering joining a health information exchange (HIE) with other regional... -
Q&A: Caller ID, patient authorizations, and sign-in sheets
Editor's note: Brandt is president of Brandt & Associates, Inc., a healthcare consulting firm in...
Issue 10, October 1, 2006 - VIEW THE FULL ISSUE
-
HIPAA doesn't have to get in the way of marketing
In general, HIPAA's privacy rule requires prior authorization from individuals when organizations... -
Prevent social engineers from accessing your data
Audit for work force awareness Your organization probably wants a work force that is friendly... -
Map data flow, clean existing data to prepare for NPI
To move into the new NPI environment, you must create several crosswalks to submit claims properly... -
Q&A: Transitioning to an EMR, scanning, and more
Editor's note: Advice given is general. Readers should consult professional counsel for specific...
Issue 9, September 1, 2006 - VIEW THE FULL ISSUE
-
Management buy-in won't come cheaply
Assessing and responding to security threats is your ongoing responsibility. Unfortunately, the... -
Crosswalking, system modifications necessary for NPIs
The transition from existing legacy numbers to NPIs presents a fundamental change in the way that... -
Tackle portability risks with a comprehensive policy
With the recent laptop theft from the home of an employee of the Department of Veterans Affairs... -
Focus amendments on accuracy, patient satisfaction
Section 164.526(a)(1) of the privacy rule gives patients the right to amend their PHI. But HIPAA... -
Q&A: Reporting fire injuries, notifying patients of breaches, and more
Editor's note: Brandt is president of Brandt & Associates, Inc., a healthcare consulting firm in...
Issue 8, August 1, 2006 - VIEW THE FULL ISSUE
-
Improve training with case scenarios, open communication, and follow-up
If you've been training your staff on the privacy regulations, stop! You should be training them on... -
Beware of patient/visitor technology
Parents use laptop computers to look up their child's condition, giving them valuable information... -
Make ongoing auditing part of the compliance effort
Six risk areas to address during your next privacy audit Your organization needs to have the... -
Eleven tips to improve your perimeter protection
Manage your firewalls with regular reviews, security tools A firewall is a security necessity... -
Q&A: Verifying identity, access policy, audit logs, and more
Editor's note: Apgar is president of Portland, OR-based Apgar & Associates, LLC. He has more than...
Issue 7, July 1, 2006 - VIEW THE FULL ISSUE
-
Preserve electronic data for potential litigation to avoid sanctions
Any organization might find itself involved in a legal dispute regardless of the organization's... -
Get ready for the PR challenge
Initiate a relationship with PR officials before a breach During the response to a security... -
Make EHR policies coincide with privacy compliance
Setting HIPAA privacy apart from confidentiality and release of information can be confusing and... -
Q&A: Privacy in the ED, patients who are friends or relatives
Editor's note: Mary Brandt, MBA, RHIA, CHE, CHPS, is president of Brandt & Associates, Inc., a...
Issue 6, June 1, 2006 - VIEW THE FULL ISSUE
-
Catch up now on NPI preparation
May 23, 2007, is the date when most providers must begin using their NPIs to identify themselves in... -
Focus on authorization, documentation before sharing PHI with friends/family
When it comes to HIPAA, there are grey areas in which it's not always clear whether a use or... -
Revisit security rule compliance in your small practice
Although the security rule compliance date passed more than a year ago, your small practice... -
Make audit logging more than just data collection
Using the data is as important as recording it HIPAA requires your organization to establish... -
Q&A: Server room security, e-mail encryption, and safeguards
Editor's note: Apgar is chair of the Oregon and Southwest Washington Healthcare, Privacy and...
Issue 5, May 1, 2006 - VIEW THE FULL ISSUE
-
Make networking, monitoring part of your ongoing compliance efforts
Privacy officials and compliance officers who believed they could rest on their laurels once the... -
Go back to basics when securing remote access at your facility
Conduct a risk assessment, train employees on policy Protecting PHI and your network's security... -
Bring balance, flexibility to your privacy investigations
Learn how one privacy officer uses violations to educate A privacy investigation can be a... -
Weigh requirements, desire to inform patients when changing privacy practices
Don't waste effort resending notices, but maintain appropriate communication Since the privacy...
Issue 4, April 1, 2006 - VIEW THE FULL ISSUE
-
HHS issues final enforcement rule
All administrative simplification provisions now covered The wait is over for HIPAA's final... -
Take a closer look at what went wrong for Providence Health System
Oregon-based Providence Health System-one of the largest healthcare delivery systems in the United... -
Tackle internal, external threats with a third-party penetration testing regimen
With the multitude of free tools and audit logs available to organizations today, you can... -
Avoid a HIPAA emergency in your organization's ED
Although one of the goals of HIPAA is to protect patient privacy, the regulations should never get... -
Electronic claims attachment pilot shows promise
Providers, payers save money going paperless; participants recommend rule changes As your... -
Q&A: Single sign-on, risk assessments, and audits
Editor's note: Beaver is an independent information security consultant with Atlanta-based...
Issue 3, March 1, 2006 - VIEW THE FULL ISSUE
-
Spice up your HIPAA training
Tailor educational efforts to strengths, weaknesses A lot has changed since HHS first... -
Improve password security, usability with single sign-on technology
Although security experts regard multiple passwords as being more secure because they... -
Respond to privacy complaints with stellar service
Appropriately addressing concerns can go a long way toward saving your facility’s reputation... -
Q&A: Put to rest your nagging NPI concerns
More than two million healthcare providers are required to use the new, unique NPI by May 2007 in...
Issue 2, February 1, 2006 - VIEW THE FULL ISSUE
-
Reference HIPAA, state law when dealing with law enforcement
Juggling law enforcement and HIPAA regulations can be tricky. The gray areas and confusing... -
Fight off hackers by focusing on these risk areas
When it comes to information security, most potential risks are internal-specifically in terms of... -
Double-click to log on to the benefits of patient, visitor Internet access
Balance security and costs when picking an access configuration Giving patients and their...
Issue 1, January 1, 2006 - VIEW THE FULL ISSUE
-
Don’t let mobile devices walk away with important information
Mobile devices such as laptop computers, personal digital assistants (PDA), and tablet personal... -
Ensure business-as-usual when switching to new identifiers
Overcome NPI obstacles by negotiating with payers Two areas likely to be the most problematic... -
Identify, document unique business relationships to ensure compliance
Understand the difference between affiliated entities, OHCAs, and hybrids If the HIPAA... -
Q&A: Eight security resolutions for the new year
By Kate Borten, CISSP, CISM Many healthcare organizations acknowledge that they are not yet... -
Click here for e-mail security that fits your organization
Narrow the field by setting specific requirements, testing customer service HIPAA’s...