HIPAA

10 ways to improve patient data securityMore than 80% of security breaches result from human errors
Start MACRA reporting with a HIPAA risk assessment, or don’t start at allHere are five key security risk assessment elements to identify and remediate.
Watch out for these HIPAA violations in online reviewsPhysicians can violate federal law simply by replying to a negative review
Data breaches: Fast facts
Data breaches: Fast factsBe sure to follow these steps if you think you've been hacked.
Am I liable for a glitch in my EHR system?Although the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 authorized initial grants and incentives to promote “meaningful use” of electronic health records (EHRs) by providers, one of the potential risks that has not been given much discussion is the risk of medical malpractice liability.
Incidental Use and Disclosure of HIPAA InformationWhen a pharmacy learns of a HIPAA breach, it, and its business associates involved in the breach, are required to report the incident to the government. But not all violations are reportable and may not be considered a breach.
The OCR adopts the do-it-yourself desk auditPhysicians still complacent about their HIPAA compliance programs could soon be subjected to the Office for Civil Rights’ (OCR) latest Phase 2 HIPAA Desk Audit Program, which began in mid-July.
Cybersecurity finally becoming healthcare priority
Cybersecurity finally becoming healthcare priorityWhen it comes to investing in IT and data security, the healthcare field has been known to lag behind other business sectors. That underspending, coupled with the massive shift from paper to digital records in recent years, has put the industry in some crosshairs.
Patient record transparency and the impact on physiciansProjects such as OpenNotes may transform how physicians and patients use and access medical records.
Think you're safe without proper BA agreements? Think again
Think you're safe without proper BA agreements? Think againAs I visit with providers, I discover managers that are not well educated in the HIPAA process, and do not understand they are required to do an annual Security Risk Audit and review of their practice even if they do not have an EMR, writes Carol Gibbons in her latest blog.