- Home
- » Newsletter Archive
Home Newsletters

Every issue of Health Information Compliance Insider is packed with ready-to-use information worth thousands of dollars to you and your organization, like advance warning from Washington on when to expect changes to and guidance on HIPAA regulations and compliance advice from leading health care lawyers.
2011
|
2010
|
2009
|
2008
|
2007
|
2006
|
2005
|
2004
|
2003
|
2002
|
2001
Issue 12, December 1, 2010 - VIEW THE FULL ISSUE
-
Risk assessment: Your best weapon to prepare for a HIPAA audit
Healthcare organizations have a new motivation to perform risk assessments—meaningful use... -
OCR flags copier vulnerabilities, laptop computers
Have you seen recent news reports about the potential security risk created by digital copy... -
Holiday wish list: No more breaches of PHI
The holiday season is here, and many HIPAA privacy and security officers have items on their wish... -
HIPAA privacy officers should have voice in emergency planning; last-minute prep out of the question
The last thing any hospital needs in an emergency is to scramble to figure out what it needs to do...
Issue 11, November 1, 2010 - VIEW THE FULL ISSUE
-
Update your policies and procedures now, create timelines for checkpoints
From the HITECH Act to increased HIPAA enforcement, the changes occurring now make a compelling... -
CMS offers five solutions to help address inadequate HIPAA Security Rule?required policies and procedures
Old and inadequate policies and procedures is one of seven shortcomings CMS found in its 2009... -
Take advantage of the encryption safe harbor
If someone gave you a get-out-of-jail-free card during a game of Monopoly®, would you take it?
Issue 10, October 1, 2010 - VIEW THE FULL ISSUE
-
Create an incident response plan with these six components
That sick feeling in the pit of your stomach is worse than you ever could have imagined. A staff... -
Another major pharmacy company reaches privacy breach settlement agreement with OCR, FTC
In late July, the Rite Aid Corporation and its 40 affiliated entities agreed to pay HHS $1 million...
Issue 9, September 1, 2010 - VIEW THE FULL ISSUE
-
Back to the drawing board
Many HIPAA privacy and security officers now focus on meeting new regulatory requirements under... -
Red Flags Rule: Consider amending your BA agreements
The Red Flags Rule applies to healthcare providers, but it also applies to many business associates... -
Two EHR challenges: Access management and auditing
Electronic health records (EHR) have their advantages, but they also create challenges for...
Issue 8, August 1, 2010 - VIEW THE FULL ISSUE
-
Risk analysis fundamental to building HIPAA security policies and procedures
Stressing the importance of conducting a risk analysis is like a mantra for covered entities (CE... -
Steps to take now to comply with de-identification of PHI
HITECH instructs OCR to review what attorney Jennifer S. Geetter, Esq., calls “bedrock... -
Review patient authorization before responding to attorneys; state law sometimes preempts HIPAA
Q. Must patients receive a paper copy of our Notice of Privacy Practices during every encounter at...
Issue 7, July 4, 2010 - VIEW THE FULL ISSUE
-
An automated approach to auditing records
A couple of years ago, Debra A. Mikels, OTR/L, corporate manager of confidentiality at Partners... -
Accounting for disclosures from EHRs: What you need to know in order to comply with HITECH requirement
When HITECH was signed into law February 17, 2009, privacy and security officers predicted the... -
Still the same old privacy concerns with HIPAA enforcer
OCR’s top compliance problems when it comes to HIPAA privacy haven’t changed much...
Issue 6, June 1, 2010 - VIEW THE FULL ISSUE
-
Make HIPAA a top priority with upper management
Privacy and security officers may face varying challenges to get buy-in from top leaders for HIPAA... -
Use this checklist to help evaluate your organization
The HIPAA Security Rule requires covered entities (CE) to conduct periodic evaluations of their...
Issue 5, May 1, 2010 - VIEW THE FULL ISSUE
-
OCR list discloses large patient data breaches
Encrypting ePHI could help keep your facility off the OCR’s list of patient data breaches on... -
HCPro survey: Breach notification requirements are top HITECH challenge; BA contracts also a concern
Security breach notification requirements, according to Health Information Compliance...
Issue 4, April 1, 2010 - VIEW THE FULL ISSUE
-
Seven steps to comply with the Red Flags Rule
The focus of the Red Flags Rule is identity theft, said Rebecca Williams, RN, JD, partner and... -
Case involving breaches of PHI worth watching
Connecticut Attorney General Richard Blumenthal sued Health Net of Connecticut, Inc., for failing... -
HIPAA Q&A: Terminate contract if vendor denies records request; patient also can be liable for lost records
Whom should we notify if a minor's record is breached? For example, a grandparent who works in our...
Issue 3, March 1, 2010 - VIEW THE FULL ISSUE
-
Adapt HIPAA internal sanctions policy to comply with HITECH
Develop written guidance, thoroughly investigate any violations, and take a proactive approach as... -
Federal regulations emphasize encryption, risk assessments
The year 2009 ended with the release of some new federal regulations—rules that hammer home...
Issue 2, February 1, 2010 - VIEW THE FULL ISSUE
-
Find capital now; gainĀ stimulus funds later
The Health Information Technology for Economic and Clinical Health (HITECH) Act gave approximately... -
Proactive training: Educate staff members, patients in fight against medical identity theft at your facility
Booz Hamilton Allen, a McLean, VA–based firm that was commissioned in 2008 by the Office of...
Issue 1, January 1, 2010 - VIEW THE FULL ISSUE
-
HIPAA in the headlines in 2009: Anticipate impact in 2010
Specific developments weren’t mere flashes in the pan; experts say the ripple effect will... -
Red Flags rules: FTC enforcement date finally arrives … at least for now
Nonetheless, providers subject to the rule’s requirement to develop a program that mitigates... -
Responding to identity theft a three-step process
The Federal Trade Commission’s Red Flags rule, existing HIPAA laws, and the new Health...