Health Information Management Newsletters

Briefings on APCs Briefings on Coding Compliance Strategies Briefings on HIPAA HIM Briefings

How can you minimize the impact of HIPAA? Subscribe to Briefings on HIPAA, your health information management resource for complying with information privacy & security regulations. Get help with rewriting contracts with business partners, telling patients about how their information is being used, and establishing privacy-conscious business practices.

Subscribe »

2016 | 2015 | 2014 | 2013 | 2012 | 2011 | 2010 | 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 | 2002 | 2001

Issue 12, December 1, 2013 - VIEW THE FULL ISSUE

• An inside look at one healthcare organization's OCR audit experience

  UK HealthCare's Chief Compliance Officer R. Brett Short knew he was in for a rough day as soon as...

• How encryption can help prevent breaches of PHI at your organization

  Encryption. Encryption. Encryption. It's almost impossible to listen to a HIPAA security expert...

• 'Tis the season for giving: Privacy and security officers share HIPAA tips and strategies

  It's the season of giving and in that spirit, BOH asked some privacy and security officers to share...

• Security Q&A: Accounting of disclosures, notices of privacy practices, cloud vendors, smartphone apps

  I am updating the notice of privacy practices and accounting of disclosures policy for my...

Issue 11, November 1, 2013 - VIEW THE FULL ISSUE

• OCR's HIPAA audits will resume

  Although it hasn't released many details yet, OCR plans to resume its audits to assess compliance...

• Healthcare organizations need to fight medical identity theft, including 'family fraud'

  Medical identity theft is on the rise and healthcare organizations need to ensure they are...

• Looking beyond the omnibus deadline: Challenges on the horizon

  September 23 was a big day in the HIPAA world. It was the deadline to comply with most of the...

• Tools for complying with the HIPAA omnibus rule

  Are you still struggling to comply with the new requirements of the HIPAA omnibus final rule? A new...

• MiddleGate toolkit aims to reduce the risk of a breach

  Knowing when a breach occurred is one of the keys to reducing the risks associated with a breach of...

• HIPAA Q&A: Encrypted emails, facility directories, BA agreements, and voice mail

  Q. My email remains encrypted until it is opened. I have received two requests-via email and...

Issue 10, October 1, 2013 - VIEW THE FULL ISSUE

• Keep your foot on the gas pedal when it comes to ­compliance efforts

  The September 23 compliance deadline for most of the provisions of the HIPAA omnibus rule has come...

• Don't forget about privacy and security when it comes to due diligence

  The healthcare industry is changing rapidly, and if you've been paying attention to the news you've...

• A costly mistake: Photocopier breach case created when PHI left on hard drive

  Is someone in your organization making sure that PHI is not left on your digital photocopiers?

• Security Q&A

  Q. Is it acceptable for admitting and patient registration staff to photograph patients upon check...

• How to investigate a suspected breach: Eleven steps to manage an incident

  Every healthcare organization should develop and implement a policy and a well-defined process that...

Issue 9, September 1, 2013 - VIEW THE FULL ISSUE

• How to conduct a breach risk assessment under the ­omnibus rule

  To comply with the HIPAA omnibus final rule, healthcare organizations need to revise their risk...

• Twelve privacy and security trends to watch

  If there's one conclusion you can reach looking back at data breaches over the last decade, it's...

• 'Keeping up with the Kardashians' may have cost healthcare workers their jobs

  Trying to keep up with one of the Kardashians may have resulted in the firing of six people at...

• What you need to tell your business associates

  The HIPAA omnibus rule has changed the game when it comes to business associates (BA).

• HIPAA Q&A

  Q. Is it a HIPAA violation if a hospital receives a faxed Healthcare Effectiveness Data and...

• IDrive backup meets HIPAA Security Rule ­safeguards

  Reliable data backup is critical. If a backup is not in place and your system crashes, you not...

Issue 8, August 1, 2013 - VIEW THE FULL ISSUE

• Common deficiencies targeted in OCR corrective action plans

  There is some common ground in the corrective action plans (CAP) that OCR has imposed on healthcare...

• Divide (the workload) and conquer

  The release of the HIPAA Omnibus Rule has left most HIPAA privacy and security officers with a long...

• Address enhanced individual rights to comply with the final rule

  Editor's note: The following is adapted from the HCPro book The HIPAA Omnibus Rule: A Compliance...

Issue 7, July 1, 2013 - VIEW THE FULL ISSUE

• Some of the top data breach vulnerabilities leave healthcare organizations at risk

  Who would have thought that buying gas with a credit card or wearing a pacemaker could leave a...

• HIPAA omnibus final rule protects PHI use

  The HIPAA omnibus rule provides greater protection for PHI by imposing more stringent requirements...

• Reward those who take positive actions to protect PHI

  Sanctions are one side of the HIPAA coin. However, have you ever considered awarding commendations...

• Tragedy in Iowa raises HIPAA privacy questions

  A 2009 tragedy that occurred in a high school weight room is raising questions about patient...

• Security Q&A

  Proving encryption at time of breach, use of smartphones, and vendor agreements.  

Issue 6, June 1, 2013 - VIEW THE FULL ISSUE

• Long-term care facilities face additional challenges to protect resident privacy

  If many acute care hospitals struggle to protect patient privacy, ­long-term care organizations...

• Make modifications to Notice of Privacy Practices to comply with final HIPAA rule

  One task that almost every healthcare organization is going to have to tackle to comply with the...

• Remind your workforce members to 'zip their lips' when it comes to patient privacy

  In a time when so much attention is focused on issues such as cyber security and the dangers posed...

• Absio Corporation offers ePHI encryption support

  Demonstrating that ePHI encryption meets the safe harbor requirements may be more difficult than it...

Issue 5, May 1, 2013 - VIEW THE FULL ISSUE

• Steps to comply with HIPAA 2.0: Revise your policies and procedures

  One thing the release of the omnibus final rule has left healthcare ­organizations asking is...

• An insider's guide: What it takes for an effective HIPAA compliance plan for business associates

  Business associates (BA) definitely have their work cut out for them.

• Kismet or karma? Step up your security program

  Does your organization treat HIPAA compliance as kismet or karma?

• Privacy standards for de-identification revisited

  The HIPAA Privacy Rule de-identification ­standard-Section 164.514(a)-includes two ­methods...

• Security Q&A

  Q. A long-term care facility has deployed laptops that connect to a file server and are password...

Issue 4, April 1, 2013 - VIEW THE FULL ISSUE

• OCR reviewing its process

  If there's one conclusion that OCR is ready to draw from the 115 HIPAA compliance audits conducted...

• Eleven security tips to help safeguard PHI

  Many healthcare organizations face the challenge of protecting patient records and reducing the...

• Lost documents, portable devices often to blame

  Add another piece of evidence to the pile that shows data breaches in healthcare organizations are...

• ShareFile provides secure file sharing for healthcare

  Citrix ShareFile offers a secure file-sharing solution that can be used to securely collaborate on...

• HIPAA Q&A

  Q. I was told I would be "terminated" if I did not sign a release of medical information...

Issue 3, March 1, 2013 - VIEW THE FULL ISSUE

• HHS releases HIPAA Omnibus Rule

  Unless you've been completely out of touch, by now you know that HHS has finally released the final...

• Ten steps to help you comply with the HIPAA final rule

  Privacy and security officers got their marching orders when HHS released the long-awaited new...

• HIPAA becomes reality for BAs, subcontractors

  HIPAA has hit home for business associates (BA) and their subcontractors.

• 'Harm threshold' eliminated

  One of the biggest changes in the Omnibus final rule is in the way healthcare organizations will...

• HIPAA Q&A

  Q. Can paper patient records be kept in a public storage unit? The storage company we are...

• Security Q&A

  Q. How can you track or prevent the use of USB drives in a hospital setting?

Issue 2, February 1, 2013 - VIEW THE FULL ISSUE

• Emerging technologies create risks for patient data

  For the last three years, the Ponemon Institute has taken the pulse of the healthcare industry and...

• The first OCR resolution agreement

  How one healthcare organization survived a major data breach and OCR enforcement ­action

• What you can learn from OCR actions

  It was a record year in 2012 when it came to OCR's HIPAA enforcement action.

• DocbookMD provides secure way to use mobile devices

Issue 1, January 1, 2013 - VIEW THE FULL ISSUE

• HIPAA can pose unique challenges for assisted living facilities

  Complying with the HIPAA Privacy Rule isn't always easy, but it can be even more complicated for...

• How one Seattle hospital is ready to respond to data breaches

  When it comes to data breaches, it's not a question of if, but a matter of when, says Cris V...

• Is the cloud a good place for you?

  The cloud has come to healthcare, but is cloud computing for your organization?

• Patient preference, incidental disclosures, and email blasts

  Q&A, Patient preference, incidental disclosures, and email blasts

• Briefings on HIPAA 2012 index

  Briefings on HIPAA 2012 index