HIPAA Certification is a term commonly used by many vendors today which erroneously claim the ability to certify organizations on the HIPAA Privacy Rule and make them HIPAA Compliant. In most situations this is a term used for marketing purposes and has little meaning in terms of HIPAA compliance. This is [...]
To begin to understand a HIPAA violation we must clarify the meaning of a violation. If we review definitions, we will find that a violation is a breach, infringement, or transgression, as of a law, rule, promise, etc. This is clear enough for most of us to understand. Next, we [...]
To fully understand "What HIPAA Stands For" and "What is the HIPAA Law" it is important to know some of the history behind the rule. The U.S. Department of Health and Human Services (HHS) issued the Privacy Rule to implement the Health Insurance Portability and Accountability Act of 1996 also [...]
Information blocking is an action by an actor, a HIN, HIE, health information technology developer of certified health IT, or health care provider that is likely to prevent or materially discourage the access, exchange, or use of electronic health information (EHI) unless required by law or specified by the Secretary HHS as a reasonable and necessary activity.
Guidance from OCR: COVID and HIPAA The HIPAA Privacy Rule requirements have been a challenge to healthcare providers due to the unusual circumstances caused while treating patients during the COVID-19 pandemic. The Office for Civil Rights (OCR) has monitored the situation and taken steps to [...]
What is the difference between a HIPAA Gap Analysis and a HIPAA Risk Analysis? Many organizations use these interchangeably, however, they are not correct in doing so. Don't make the same mistake. We can help you understand the difference.
HIPAA technical safeguards protect PHI and have become a major part of any HIPAA Privacy program. Technical safeguards are important due to constant technology advancements in the health care industry.
Reasonable Safeguards for PHI are precautions that a prudent person must take to prevent a disclosure of Protected Health Information. To protect all forms of PHI: verbal, paper, and electronic, provides must apply these safeguards.
The HIPAA Breach Notification Rule, requires HIPAA covered entities and their business associates to provide notification following a breach of unsecured protected health information.
This article is a review of permitted uses and disclosure of protected health information.