The First Steps to Becoming HIPAA Compliant
When we schedule an appointment to go over HIPAA compliance with a new client, we are always asked, “Where do I even start?” by the owner or practice manager. Becoming HIPAA compliant is a complex proposition that takes time, knowledge, and persistence. There are many steps involved, but the first steps are always the same: […]
HIPAA Incident Response and Reporting
Healthcare organizations must take extra special care of protected health information (PHI). And part of the HIPAA security rule is a group of rules regarding how to respond to a security incident and how to go about reporting that incident depending on the severity. Make sure your organization understands the following policies and has them […]
How to Prepare For HIPAA Breaches
There are many steps you can take to prepare your organization for a HIPAA breach. If you are proactive, you can mitigate the severity of a breach considerably. And if you have the right policies in place, you can save your practice from large fines and other financial costs. Lets go over the things your […]
HIPAA and Minimum Necessary Disclosures
HIPAA regulations state that when using or disclosing PHI (protected health information) or when requesting PHI from another covered entity (a doctor’s office, dental practice, etc), a covered entity must make reasonable efforts to limit PHI, to the minimum necessary, to accomplish the intended purpose of the use, disclosure or request. So how do we accomplish […]
Rules For Sending And Receiving Protected Health Information (PHI)
HIPAA requires that covered entities (organizations who provide treatment to patients, bill insurance plans, or create protected health information (PHI)) must protect their PHI. This protection extends to sending and receiving PHI. Moreover, there are specific rules for how to send PHI to outside entities like other practices, insurance companies, and patients themselves. First, lets […]
OCR Announces Fines for Breaches Affecting Fewer Than 500 Patients
As a HIPAA compliance IT consultant I work with many small dental and medical practices that are affected by HIPAA regulations. For many years, dental practitioners and boutique medical service providers have been able to fly under the radar of the OCR (Office of Civil Rights) and not worry about audits or fines resulting from […]
The Importance of Encryption for HIPAA Compliance
Encryption. . .what does it mean to encrypt something? Why is it important? And why is it particularly important for covered entities and business associates in the health services industry? What can you do to make sure your data is encrypted while it is being transferred from one place to another and while it is […]