HIPAA

Last week we published an article that Prestera Health was breached due to a vulnerability in their email system. This Week Jefferson Healthcare in Port Townsend, WA experienced a breach related to their email system.

Prestera Health, the largest behavioral health services provider in West Virginia, serving the counties of Boone, Cabell, Clay, Kanawha, Lincoln, Logan, Mason, Putnam and Wayne in West Virginia experienced a data breach through their email system.

An opinion on when you need Business Associate Agreements when working with Durable Medical Equipment Vendors.

The purpose of these changes is to support individuals’ engagement in their care, remove barriers to coordinated care, and reduce regulatory burdens on the health care industry.

in order to be HIPAA Compliant, you must maintain a "Culture of Compliance" at your office. This can include keeping your software up-to-date, regular required training and addressing risks that pose to your office. This month we address dedicating a privacy officer, testing your backups and proper disposal of patient records.

All HIPAA breaches are investigated by the US Department of Health and Human Services – Office for Civil Rights (OCR). The OCR maintains a web site that lists breaches under investigation as well as those that have been resolved. Reviewing this site can provide us with insight into what has gone wrong for other medical providers. It can help us to understand the steps we can take to avoid similar breaches in our practices.

When you do a back of your data (EHR, Digital Imaging, Billing Program) you hit a button to run your backup and at some point you get a message that your backup is complete. When you have a cloud service, your cloud provider is probably completing your backups.

One of the more common causes of Government Investigations into possible HIPAA violations are patient complaints.

in order to be HIPAA Compliant, you must maintain a "Culture of Compliance" at your office. This can include keeping your software up-to-date, regular required training and addressing risks that pose to your office. This month we address HIPAA training, encrypting your drives and Business Associate Agreements

New Haven, Connecticut failed to terminate an employee’s access to their Health Records System after the employee left. The former employee may have accessed a file containing the Protected Health Information of only 498 Patients.