This summer I had planned to do a dumpster-diving project with my sons, but then the Iowa floods postponed those plans. However, after reading the following I’m motivated to plan to do this in the spring after basketball and G&T activities are finished for the winter…
Posts Tagged ‘HIPAA’
HIPAA Violation: Medical Clinic Leaves Box With PHI On Public Dumpster
Tuesday, December 30th, 2008New HHS Guidance States HIPAA Does Not Apply To PHRs
Sunday, December 28th, 2008I hope you are all having a wonderful holiday season! I hadn’t planned to take the past few days off from blogging, but something like the flu (probably the flu) hit me like a bag of bricks on Christmas day and I’ve been curled in a fetal position in my bed for the past few days. Oddly enough while laying there feeling like my bones were all slowly dissolving (and thinking about the types of body braces you’d need to create to deal with something like that!) I was also thinking about how silly it was for the Health Insurance Portability and Accountability Act (HIPAA; and any industry-specific data protection law) to define that the only organization’s that would legally need to safeguard protected health information (PHI) are the narrowly defined covered entities (CEs); healthcare providers, healthcare insurers and healthcare clearinghouses.
HHS’s New Privacy & Security Framework Based Upon The OECD Privacy Principles
Friday, December 19th, 2008Earlier this week, the Department of Health and Human Services issued a framework, “Nationwide Privacy and Security Framework For Electronic Exchange of Individually Identifiable Health Information December 15, 2008” for protecting patient privacy and securing medical records, in particular online protected health information (PHI) records.
ED and HHS Gives Guidance for HIPAA and FERPA Relationship
Friday, December 12th, 2008HIPAA Violation: Healthcare Worker Writes About Patients On MySpace
Thursday, December 4th, 2008What was this worker for a healthcare provider thinking…didn’t/doesn’t the provider provide any kind of information security or privacy training or awareness communications…?
CMS Gets Heat Over Not Actively Enforcing HIPAA
Tuesday, November 18th, 2008To date the Centers for Medicare and Medicaid Services (CMS) has not actively pursued HIPAA Security Rule compliance. Instead they have depended upon complaints to drive their investigations. However, as this article nicely points out, depending upon patients and healthcare workers to complain about problems leaves MANY HIPAA non-compliance issues…including significant information security and privacy vulnerabilities…dangerously unknown…
Example Of How Many Healthcare Providers Do Not Understand HIPAA
Wednesday, November 12th, 2008HIPAA is misunderstood by many personnel who work for healthcare providers; probably because they do not receive effective or good training about HIPAA. Here is a good example of how healthcare providers inappropriately withhold information in the name of HIPAA…
Audit Shows That After 5 Years CMS *STILL* Has No Documented Procedures For Ensuring HIPAA compliance
Thursday, October 30th, 2008This week the Department of Health and Human Services (HHS) Office of Inspector General (OIG) released a very interesting assessment of how well, and how effectively, the Centers for Medicare & Medicaid Services (CMS) was performing their Health Insurance Portability and Accountability Act (HIPAA) oversight responsibilities.
Audit Shows That After 5 Years CMS *STILL* Has No Documented Procedures For Ensuring HIPAA compliance
Thursday, October 30th, 2008This week the Department of Health and Human Services (HHS) Office of Inspector General (OIG) released a very interesting assessment of how well, and how effectively, the Centers for Medicare & Medicaid Services (CMS) was performing their Health Insurance Portability and Accountability Act (HIPAA) oversight responsibilities.
HIPAA Compliance During Emergencies and Disasters
Tuesday, October 7th, 2008Yesterday the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) posted a new HIPAA frequently asked question (FAQ) to their site; a great question that many organizations do not even consider until after the fact…
