Skip to main content
  • Helping you with HIPAA Security Solutions.
  • Call Us (631) 403-6687
  • Office HrsMon - Sat: 9.00am to 5:00pm


Here are examples of questions we have received from our clients. As a TLD Systems client you can call our offices and ask us questions. When you encounter a situation where you are unsure what to do, we are here to assist and guide our clients.

  • What is HIPAA?

    HIPAA, The Health Insurance Portability and Accountability Act of 1996 (HIPAA) mandates that covered entities must not use or disclose electronic Protected Health Information (e-PHI) without proper authorization.

  • What is Protected Health Information?

    HProtected Health Information is all Personally Identifiable Information that is held or transmitted by a covered entity or a business associate. This includes:

    • Written information
    • Information stored in computer systems
    • Information transmitted orally
  • Why do I need a separate risk analysis for each of my office locations?

    A proper Risk Assessment identifies and asses vulnerabilities in your office that would make your patient data susceptible to a breach or corruption of data.  This correlates with the three pillars of HIPAA: Accessibility, Integrity and Security. Therefore you must be examining both the technical AND physical securities and limitations in your office.

    • Each of your practice locations has a method for you to access your data. This means each location is a portal to patient information that we must safeguard.
    • Each of your practice locations has it’s own set of computers, routers, firewalls and technical equipment.
    • Each of your practice locations has its’ own physical location, physical security and physical risks.
    • Each of your practice locations may have its’ own associated employees.

    The Risk Assessment looks at all the risks for the individual location and provides you with a Risk Mitigation plan that is specific to the location.

    There have been incidents in the past where an organization had a HIPAA Incident and upon investigation it was discovered that the Risk Analysis was not specific for the location.  Consequently, the organizations experience large fines.

  • A patient’s spouse called asking for information on the care of his wife. What am I allowed to tell him?

    If a patient does not give you permission to give information to their spouse, under HIPAA you CAN NOT share information with the spouse. To do so would be a HIPAA violation.

  • A patient owes me a lot of money and they want a copy of their medical records, can I require them to pay their bill before I give them a copy of their records?

    Patients have a right to a copy of their medical records even if they have a balance. Failure to provide a copy of the medial records would be considered a HIPAA violation.

  • Where can I get additional information and news about HIPAA?

    We work together with CME Online to help keep providers and other informed with the latest and most important information about HIPAA and related subjects.

Ask Your Questions