What are examples of Protected Health Information?

Protected Health Information (PHI) includes individually identifiable health information, such as patient names, addresses, social security numbers, medical records, treatment plans, test results, billing information, and any other data that relates to an individual’s past, present, or future physical or mental health condition, healthcare services received, or payment for healthcare services, as defined by HIPAA. … Read more

What is HIPAA and Why is it Important?

HIPAA is a U.S. federal law enacted in 1996 that establishes national standards to safeguard the privacy, security, and confidentiality of patients’ protected health information (PHI) in the healthcare industry, ensuring patient autonomy, data protection, and legal compliance. Understand the comprehensive significance of HIPAA in the following points: HIPAA is a crucial federal law that … Read more

Why was HIPAA Implemented?

HIPAA was enacted by the United States Congress in 1996 with the primary objective of safeguarding the privacy and confidentiality of patients’ personal health information (PHI) while facilitating the electronic exchange of medical data among healthcare entities. This multifaceted legislation has had a profound impact on the healthcare industry, encouraging the adoption of standardized processes, … Read more

What is the HIPAA Security Rule and Why is it Important?

The HIPAA Security Rule is a regulation established by the U.S. Department of Health and Human Services (HHS) to protect the confidentiality, integrity, and availability of electronic protected health information (ePHI). It sets standards and requirements for healthcare organizations and their business associates to ensure the security of patient data. The Security Rule is crucial … Read more

What is Health Information and Why is it Important to Protect?

Health information refers to any data or records related to an individual’s physical or mental health, medical conditions, treatments, or healthcare services they have received. It is important to protect health information due to its sensitive and personal nature. Unauthorized access or disclosure of this information can lead to privacy breaches, identity theft, discrimination, or … Read more

What does HIPAA Protect?

What does HIPAA Protect? What kinds of information are covered by the Act, and why is it important that this data is protected? We will discuss the answers to those questions in this post. HIPAA had many purposes when it was introduced, ranging from tax reform to expanding access to health insurance. However, it is … Read more

Why is HIPAA Important for Health Care Employees?

HIPAA is crucial for healthcare employees as it ensures the protection of patient privacy and confidentiality, maintains the security of sensitive health information, fosters trust between patients and healthcare providers, and helps to avoid legal and financial consequences for violations. Healthcare professionals with a high level of education must recognize the importance of HIPAA as … Read more

Why was the HITECH Act Enacted?

The Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted in 2009 as part of the American Recovery and Reinvestment Act, was a response to the pressing need for modernizing the healthcare industry’s information technology infrastructure. It was designed to address several key challenges faced by the healthcare system, such as the widespread … Read more

What is a Covered Entity under HIPAA?

Given how well-known the Health Insurance Portability and Accountability Act is, it may be surprising to learn how narrowly defined a “Covered Entity” is. Possession of health data does not automatically make an organization subject to HIPAA law, leading many to ask: what is a covered entity under HIPAA? Which organizations are required to follow … Read more

What happens after a HIPAA complaint is filed?

What happens after a HIPAA complaint is filed? Is there a specific timeline that a patient can expect to be followed? How should complaints be made in the first place? Under HIPAA, all patients have the right to complain to healthcare organizations, health plans, or healthcare clearinghouses (all deemed to be HIPAA “Covered Entities”, CEs) … Read more

Why is HIPAA Important to Employees?

HIPAA is important to employees because it safeguards their personal health information, promotes trust in the healthcare system, ensures privacy rights, prevents unauthorized disclosures, and establishes guidelines for secure data handling. HIPAA has been enacted to protect the confidentiality and security of individuals’ health information, ensuring that employees’ privacy rights are respected and their sensitive … Read more

How do you avoid HIPAA violations?

How do you avoid HIPAA violations? Should HIPAA Covered Entities and Business Associates resign themselves to the fact that HIPAA violations are hard to avoid and give up trying to avoid them? Of course, the answer to that question is “no”, and during this article we will discuss what can be done to avoid HIPAA … Read more

Why is HIPAA Important for Billing and Coding?

HIPAA is crucial for billing and coding as it safeguards patient privacy and confidentiality, ensures accurate claims processing, prevents fraudulent activities, and establishes standardized procedures for transmitting healthcare information securely. Understanding the importance of HIPAA in the context of billing and coding requires a comprehensive examination of the act’s provisions, implications, and benefits. In this … Read more

Why Sign a HIPAA Privacy Form?

Signing a HIPAA privacy form is an essential requirement within the healthcare industry, as it serves multiple purposes aimed at safeguarding patient privacy, maintaining confidentiality, and upholding the principles outlined in HIPAA. This act was enacted by the United States Congress in 1996 to establish national standards for the protection of certain health information. … Read more

HIPAA Best Practices

Despite the Health Insurance Portability and Accountability Act (HIPAA) first being enacted over 20 years ago, some organizations are still found to be violating HIPAA Rules. Common causes for violations are related to security procedures. Below, we will outline some essential areas that HIPAA covered entities and their business associates should review to avoid sanctions … Read more

When was HIPAA Enacted?

HIPAA was enacted on August 21, 1996. It is a federal law in the United States that was designed to safeguard and protect the privacy and security of individuals’ health information. HIPAA introduced several important provisions and regulations that impact the healthcare industry. It established national standards for electronic health care transactions, such as … Read more

Why Does a Patient Sign a HIPAA Form?

A patient signs a HIPAA form for several important reasons. Signing the form allows the healthcare provider to disclose the patient’s protected health information (PHI) to other parties involved in their care, such as other healthcare professionals or insurance companies. This ensures coordinated and effective treatment. The HIPAA form informs the patient about their rights … Read more

Is AWS HIPAA Compliant?

Are Amazon Web Services (AWS) HIPAA Compliant? AWS includes the necessary features to be used in compliance with HIPAA’s Security Rule and Amazon will enter into Business Associate Agreements (BAA) with covered entities. Does this mean AWS is HIPAA compliant? As we often state, even when tools include all the required settings they must be … Read more

Why Do You Have to Sign a HIPAA Form?

You are required to sign a HIPAA form in order to comply with HIPAA, which is a federal law designed to protect the privacy and security of patients’ sensitive health information. By signing the HIPAA form, patients contribute to maintaining the trust and confidentiality that are fundamental to the healthcare provider-patient relationship. Overall, the … Read more

Why Does the HIPAA Privacy Rule Exist?

The HIPAA Privacy Rule exists to protect the privacy and security of individuals’ protected health information (PHI), ensuring that healthcare entities adhere to national standards and regulations to maintain the confidentiality of patient data, enhance patient trust, and promote the secure exchange of healthcare information. The HIPAA Privacy Rule, established under HIPAA, serves as … Read more

Why Does HIPAA Exist?

HIPAA exists to safeguard the privacy, security, and confidentiality of individuals’ protected health information (PHI) by establishing national standards and regulations for healthcare providers, health plans, and healthcare clearinghouses, ensuring individuals’ control over their PHI, facilitating the efficient exchange of healthcare data, and promoting trust in the healthcare system. HIPAA exists to protect patients’ privacy, … Read more

Why Did Regulators Add New Standards After HIPAA’s Initial Implementation?

Regulators added new standards after HIPAA’s initial implementation to adapt to evolving technologies, address emerging challenges in healthcare practices, enhance privacy and security protections, mitigate risks associated with electronic health information, and align with changes in the regulatory landscape to ensure the continued effectiveness of HIPAA in safeguarding patient privacy and maintaining the integrity of … Read more

Why was HIPAA Initially Enacted?

HIPAA was initially enacted in response to concerns regarding the privacy and security of individuals’ protected health information (PHI) and the need for standardized regulations to ensure its confidentiality, integrity, and availability. HIPAA was enacted in 1996 to address several key issues related to healthcare and patient information. The primary objective was to establish national … Read more

Why is the HITECH Act Important?

The HITECH Act is important because it aims to promote the adoption and meaningful use of electronic health records (EHRs) to improve healthcare delivery, enhance patient safety, facilitate care coordination, and enable the exchange of health information securely and efficiently. The HITECH Act is a pivotal piece of legislation that promotes the adoption and meaningful use of … Read more

What is Meaningful Use and Why is It Important?

Meaningful Use refers to a set of criteria established by the U.S. government to encourage the adoption and effective use of electronic health record (EHR) systems by healthcare providers. It was introduced as part of the HITECH Act in 2009. The primary importance of Meaningful Use lies in its potential to improve the quality, safety, … Read more

Why is HIPAA Compliance Important?

HIPAA compliance holds significant importance as it serves multiple crucial purposes. It acts as a safeguard for the privacy and security of patients’ sensitive health information. By implementing HIPAA regulations, healthcare organizations can ensure that patient data remains protected from unauthorized access or disclosure, minimizing the risk of potential breaches that could compromise individuals’ personal … Read more

Where Must a Hospital Report a Suspected Breach of PHI?

A hospital must report a suspected breach of Protected Health Information (PHI) to the appropriate regulatory authorities, such as the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS), as mandated by the HIPAA Privacy Rule. In the unfortunate event of a suspected breach of PHI, hospitals must adhere … Read more

When Can HIPAA Be Broken?

HIPAA can be broken when there is patient authorization, a legal requirement, a necessity for treatment, public health activities, disclosure to avert serious harm, certain research purposes, and when incidental disclosures occur. HIPAA establishes strict guidelines for the protection and privacy of patient health information. However, there are certain circumstances where HIPAA allows for the … Read more

What may not be considered when imposing fines for violating disclosure of PHI?

When imposing fines for violating the disclosure of protected health information (PHI), factors such as the severity of the incident, the intent of the violator, organization size, adequacy of security measures, patient harm assessment, corrective actions, compliance programs, financial hardship, and mitigating factors may not receive sufficient consideration. The imposition of fines for violations related … Read more

Why Did HIPAA Become a Law?

HIPAA became a law to address the rising concerns and challenges associated with the privacy and security of individuals’ protected health information (PHI), ensuring its confidentiality, integrity, and availability in the healthcare industry, while also establishing standards for electronic transactions and providing individuals with rights and control over their health information. HIPAA became a law … Read more

When Must a Breach be Reported?

A breach must be reported under HIPAA when there is an acquisition, access, use, or disclosure of unsecured protected health information (PHI) that compromises the privacy or security of the information, unless the breach falls under certain exceptions. HIPAA establishes guidelines for the protection of patient health information in the United States. It is important … Read more

Why is HIPAA Important in Healthcare?

HIPAA holds significant importance within the healthcare industry, serving as a pivotal safeguard for patient privacy, data security, trust-building, and the efficient exchange of medical information. This legislation, enacted by the United States Congress in 1996, aims to address the evolving challenges posed by healthcare data management and establish a framework that protects patients’ sensitive … Read more

When Does State Privacy Law Supersede HIPAA?

State privacy laws can supersede HIPAA when they provide greater protection for patient privacy and confidentiality or impose additional requirements beyond those established by the federal law, and these state laws may apply to healthcare providers, health plans, and other entities that handle personal health information within a specific state jurisdiction. When it comes to … Read more

HIPAA Email Archiving Requirements

Must Emails be Archived to Comply with HIPAA? HIPAA’s Security Rule does not stipulate that email archives must be HIPAA compliant. However, covered entities should consider archiving their email correspondence in a HIPAA compliant manner. The Security Rule does stipulate that electronic communications that include PHI must be kept for at least six years. These … Read more

Why You Should Know about HIPAA Regulations and Rules?

Understanding HIPAA regulations and rules is of utmost importance for healthcare professionals. HIPAA ensures the protection of patients’ privacy and confidentiality, sets standards for the secure handling of sensitive health information, and establishes guidelines for the exchange of electronic health records. By familiarizing themselves with HIPAA regulations, healthcare professionals can fulfill their ethical and legal … Read more

When is HIPAA Authorization Required?

HIPAA authorization is necessary when a covered entity or a business associate intends to use or disclose an individual’s PHI for purposes not otherwise permitted by the HIPAA Privacy Rule, and the individual’s written permission is obtained. The authorization must be specific, in plain language, and include certain elements outlined in the HIPAA regulations. It … Read more

Why Does HIPAA benefit healthcare professionals?

HIPAA benefits healthcare professionals by establishing strict standards and safeguards for the protection of patient health information, thereby enhancing the integrity, confidentiality, and security of patient data, promoting trust and confidence in the healthcare system, and facilitating efficient and effective healthcare delivery. HIPAA provides numerous benefits to healthcare professionals by establishing standards for the privacy, … Read more

Can you Face Jail Time for up to One Year When Unknowingly Violating HIPAA Rules?

Yes, it is possible to face jail time for up to one year when unknowingly violating HIPAA rules, particularly if the violation involves the unauthorized disclosure of protected health information (PHI) and the severity of the violation is deemed to be significant. Violations of HIPAA regulations are taken seriously and can result in criminal charges, … Read more

What Information Should be Included When Notifying Individuals that their Protected Health Information has Been Breached?

When notifying individuals that their protected health information has been breached, the notification should include a clear description of the incident, including the date and approximate time of the breach, the types of information that were accessed or acquired, a brief description of the steps taken to investigate and mitigate the breach, a summary of … Read more

Why Do We Need HIPAA?

HIPAA is essential because it safeguards sensitive patient information, promotes privacy and security, establishes standards for electronic healthcare transactions, and ensures the continuity and efficiency of healthcare delivery. A comprehensive explanation of the importance of HIPAA, elaborating on its various aspects and implications. HIPAA’s significance lies in its comprehensive approach to safeguarding patient information, promoting … Read more

When Must a HIPAA Breach be Reported?

A HIPAA breach must be reported when it involves the unauthorized acquisition, access, use, or disclosure of protected health information (PHI) that compromises the security or privacy of the individual, and the breach meets the criteria for notification outlined in the HIPAA Breach Notification Rule, which includes conducting a risk assessment to determine if there … Read more

When Does HIPAA not Apply?

HIPAA does not apply when individuals disclose their own health information to anyone who is not a covered entity or business associate, when the information is shared for purposes unrelated to healthcare, when it is already publicly available, or when a person’s health data is handled by entities not covered under HIPAA, such as life … Read more

When Did HIPAA Go Into Effect?

HIPAA went into effect on April 14, 2003, establishing rules and regulations for the protection of individuals’ health information and ensuring privacy and security in the healthcare industry. The implementation of HIPAA was driven by the recognition of the growing role of technology in healthcare and the need to address the potential risks and vulnerabilities … Read more

Why is it Important to Protect Health Information?

It is vitally important to protect health information due to a myriad of reasons, including the need to ensure patient confidentiality, maintain trust in healthcare systems, comply with legal and ethical obligations, safeguard sensitive medical data from unauthorized access or misuse, prevent potential harm or discrimination against individuals, and promote the overall well-being of patients … Read more

What Happens When You Violate HIPAA?

When you violate HIPAA, which is a federal law in the United States that protects the privacy and security of patients’ medical information, you can face severe consequences including civil and criminal penalties, fines ranging from $100 to $50,000 per violation, imprisonment for up to 10 years for intentional violations, loss of healthcare licenses, reputational … Read more

HIPAA Compliance for SaaS

HIPAA compliance and SaaS (Software as a Service) is another area that is causing confusion for many in the healthcare space. This is somewhat understandable as HIPAA was originally introduced in 1996, when the idea of SaaS and cloud storage platforms was far from the common consciousness. More recent Acts and Rules, such as 2009’s … Read more

Why is HIPAA Important in Healthcare?

HIPAA is crucial in healthcare for several reasons. It ensures the privacy and security of individuals’ protected health information (PHI). By setting standards and regulations for the handling of PHI, HIPAA safeguards patient confidentiality, preventing unauthorized access and disclosure of sensitive medical data. HIPAA promotes the portability of health insurance coverage. It ensures that individuals … Read more

Is GoToMeeting HIPAA Compliant?

Is GoToMeeting HIPAA compliant? Could HIPAA covered entities or their business associates use GoToMeeting to share protected health information (PHI) and stay compliant with HIPAA? GoToMeeting is an online conferencing tool developed by LogMeIn. Many solutions of this type exist to enable people to share desktops and perform meetings remotely and they offer a number … Read more

What information can be shared without violating HIPAA?

Under HIPAA, healthcare professionals can share patient information without violating HIPAA rules for the purposes of providing treatment, facilitating payment, conducting healthcare operations, participating in public health activities, reporting victims of abuse, neglect, or domestic violence, complying with health oversight activities like audits and inspections, for judicial and administrative proceedings, for law enforcement purposes, for … Read more

Who Enforces HIPAA?

The Health Insurance Portability and Accountability Act, better known as HIPAA, is an important piece of legislation governing many aspects related to healthcare, but who enforces HIPAA? Which federal departments or bureaus are concerned with checking that covered entities and their business associates are acting in compliance with HIPAA Rules? Who Enforces HIPAA? The chief … Read more

Is Azure HIPAA Compliant?

Is Microsoft Azure HIPAA compliant? Can HIPAA covered entities use Microsoft Azure cloud services in compliance with HIPAA Rules? A lot of healthcare organizations are looking to the cloud as a better way to offer some of their services. Indeed, many have already made the switch. While the cloud represents a number of improvements in … Read more

Nosy Employees Most Common Cause of HIPAA Security Breaches

Loss or theft of mobile devices can lead to breaches of the largest volumes of protected health information (PHI), but HIPAA security breaches are most often caused by unauthorized access to patients’ medical records by nosy employees. Veriphyr Identity and Access Intelligence carried out a survey and found that of the seven-out-of-ten entities that … Read more

HIPAA Record Retention Requirements

HIPAA record retention requirements are understood to relate to two separate but similar retention requirements: those for HIPAA medical record retention and those for HIPAA record retention. This similarity has led to some uncertainty. Below we will try to explain which records are required to be kept for HIPAA compliance and what records covered entities … Read more

Limited Data Sets and HIPAA

In specific circumstances, HIPAA covered entities are allowed to share sets of identifiable healthcare information, known as limited data sets, with authorized institutions and remain in compliance with the HIPAA Privacy Rule. In such cases, data can be shared for research, public health information, and healthcare operations without obtaining permission from patients. Limited data sets … Read more

HIPAA Compliant Paging

While pagers may be seen as an effectively dead technology, there could still be issues arising from their use with protected health information (PHI). Though largely replaced by other messaging devices, some are wondering whether the use of pagers and paging is HIPAA compliant. Are Pagers HIPAA Compliant? The HIPAA Security and Privacy Rules require … Read more

The HIPAA Security Officer’s Responsibilities

Under Federal Regulations, specifically 45 CFR 164.308 – the HIPAA Security Rule’s Administrative Safeguards – HIPAA covered entities must appoint a HIPAA Security Officer. The Security Officer must develop and introduce internal policies and processes to safeguard the integrity of electronic protected health information (ePHI). IT managers are commonly put in this role as ePHI … Read more

When Should You Promote HIPAA Awareness?

All staff members should have been trained on their obligations under HIPAA Rules, but how and when should awareness and knowledge of HIPAA be promoted and increased? How regularly should refresher courses or further training be given? The various organizations subject to HIPAA Rules – covered entities, their business associates, and others – are required … Read more

How to Prevent HIPAA Violations

Despite the best efforts of healthcare organizations and their business associates to protect data and follow HIPAA’s Security, Privacy, and Breach Notification Rules, information breaches can and do still happen. While cybercriminals are the breach bogeymen for most business sectors, healthcare often finds itself let down by its own staff. Even with the best procedures … Read more

HIPAA Compliance for Self-Insured Health Plans

Even some of the more basic aspects of the Health Insurance Portability and Accountability Act (HIPAA) can be difficult to understand, but when it comes to self-insured or self-administered health group plans, the level of complexity goes up a notch. Under HIPAA, healthcare clearinghouses, providers, and health plans (referred to as covered entities) are … Read more

HIPAA and De-identification of Protected Health Information

The HIPAA Privacy Rule puts a number of restrictions in place to keep protected health information (PHI) secure. This also hampers healthcare organizations’ ability to share information. A way to share data while remaining HIPAA compliant could be the de-identification of information. PHI that has been de-identified has had its identifying elements removed. HIPAA’s Privacy … Read more

HIPAA Social Media and Texting Guidelines

Last year, Deven McGraw of the Department of Health and Human Services’ Office for Civil Rights (OCR) spoke about 2017’s HIPAA guidance. In 2016, the Joint Commission revised their position by allowing the use of text messages for orders, but this was quickly banned again. Later that year the Joint Commission again changed the ruling … Read more

HIPAA Cell Phone Regulations

Personal phones are increasingly finding themselves being used by healthcare professionals to share patient data with care teams. This is an obvious breach of HIPAA Rules. Even if the data is sent to authorized individuals, the use of insecure and unencrypted networks to share sensitive information such as test results and patient data is a … Read more

HIPAA Compliance Requirements for Call Centers

Texting and HIPAA Compliance for Call Centers Any company that provides an answering or call-forwarding service for the healthcare sector needs to be aware of their obligations under the Health Insurance Portability and Accountability Act (HIPAA). Following the introduction of the Final Omnibus Rule in 2013, companies that provide services relating to the processing, sharing, … Read more

HIPAA SMS Compliance and Regulations

The Majority of SMS Messages Violate HIPAA There is no specific rule under HIPAA that outlaws protected health information (PHI) being sent via SMS – “Short Message Service”. However, there are a number of criteria that must be met for the use of SMS to send PHI to be HIPAA compliant. Many SMS messages violate … Read more

Is Using Google Docs HIPAA Compliant

Google Docs and Google Drive are tools that facilitate document sharing, but can they be used to share documents containing protected health information (PHI)? Is using Google Docs HIPAA compliant? The answer to whether using Google Docs is HIPAA compliant or not is both yes and no. Whether a … Read more

Can E-Signatures be Used Under HIPAA Rules?

The ability to sign documents electronically has led to gains in efficiency in many industries, including the healthcare sector. However, there is still doubt over whether e-signatures are acceptable under HIPAA rules. The simple answer is “yes, they are acceptable and can be used”, but steps must be taken to validate the security and legal … Read more

What are the Duties of HIPAA Privacy Officers and HIPAA Security Officers

Under the Health Insurance Portability and Accountability Act (HIPAA), all HIPAA-covered entities and business associates must appoint a person (or persons) to the role of HIPAA Compliance Officer. A current employee can be appointed or a new role can be created. The Compliance Officer position can even be filled by outsourcing the duties temporarily or … Read more

Termination of Nurse Following HIPAA Violation Upheld by Court

A North Audubon Hospital registered nurse had her employment contract terminated as a penalty following an allegation by a patient that she had violated HIPAA regulations. Dianna Hereford contested the termination on the grounds of a HIPAA violation by filing an action in Jefferson Circuit Court and stating she had “strictly complied with HIPAA regulations”. … Read more

How Should You Respond to an Unintentional HIPAA Violation?

Almost every HIPAA covered entity, as well as their business associates and the healthcare professionals they employ, does their utmost to guarantee HIPAA rules are respected – but what happens when an unintentional HIPAA violation occurs? What should covered entities, healthcare employees, and business associates do? How Should Healthcare Employees Report an Unintended HIPAA Violation? … Read more

Mobile Data Security and HIPAA compliance

Can mobile devices be used to transmit health information under HIPAA? Mobile devices such as smartphones, tablets, and other portable devices have transformed the way people work and send information. Healthcare providers and HIPAA-covered entities are no exception and mobile devices can be found in almost every health facility. Sharing information via mobile data may … Read more

A Summary of the HIPAA Breach Notification Rule

The Health Insurance Portability and Accountability Act, commonly known as HIPAA, has probably been the most significant set of regulations to impact the healthcare industry since it first came into law in 1996. Despite this, there are still a number of insurers and healthcare providers that do not fully understand their requirements under HIPAA, especially … Read more

Is Dropbox HIPAA Compliant?

Dropbox offers healthcare organizations a simple tool to store and share files, but is Dropbox HIPAA compliant? Can entities use Dropbox to save or transfer protected health information (PHI)? Is Dropbox HIPAA Compliant? Dropbox offers a service where files can be saved to cloud storage and shared with other users. Many individuals and companies share … Read more

Is Skype HIPAA Compliant?

Skype and similar messaging platforms are useful tools to rapidly share information, but is Skype compliant with HIPAA regulations? Would sending protected health information (PHI) via Skype as part of an electronic text message violate HIPAA rules? Currently, the topic of whether Skype is HIPAA compliant is up for debate. While messages are encrypted and … Read more

Can Patients Sue Following HIPAA Violations?

Is it possible for patients to sue or file lawsuits for a HIPAA violation? As there is no private cause of action in HIPAA, it is not possible for a patient to sue for a HIPAA violation under HIPAA rules. Patients are not entitled to seek damages for violation of HIPAA rules even in cases … Read more

HIPAA Password Requirements and How to Comply With Them

HIPAA password requirements call for a number of processes to be established to create, modify, and protect passwords if no other equally effective security option is in use. We advise the use of two factor authentication as the optimal method to comply with HIPAA password requirements. The HIPAA Security Rule outlines the HIPAA password requirements … Read more

HIPAA Texting Policy

What is a HIPAA Texting Policy? A HIPAA Texting Policy is a guide or set of procedures that should be drawn up following a review of methods used by staff, medical professionals, and business associates to transmit protected health information (PHI). Any risks that have been identified during the review should be addressed by the … Read more

Is Microsoft OneDrive HIPAA Compliant?

Cloud storage offers a number of benefits to companies in many industries, but can covered entities in the healthcare industry use Microsoft OneDrive? Is OneDrive HIPAA compliant? Microsoft Office 365 Business Essentials is a standard software package that is successfully used by healthcare providers. It also includes an online exchange for email. Another feature of … Read more

Reporting HIPAA Violations

Every healthcare employee should know how to report a HIPAA violation, who they should report the violation to, and if the violation warrants a report to the Department of Health and Human Services’ Office for Civil Rights (OCR). HIPAA covered entities and their business associates are obliged to investigate any possible HIPAA violation that occurs … Read more

The Importance of HIPAA

The Health Insurance Portability and Accountability Act, commonly known as HIPAA, is a law that people often talk about, but why is HIPAA so important? What did HIPAA change and how does it impact patients and the healthcare industry? HIPAA came into effect in 1996 with the goal of addressing the issue of health insurance … Read more

Is Amazon’s Alexa HIPAA Compliant?

For the moment, Amazon’s Alexa is not HIPAA compliant. This reduces its utility to those in the healthcare field. This is surely only temporary and a HIPAA compliant version may be on its way. Amazon’s cloud platform, Amazon Web Services (AWS), can be used in compliance with HIPAA, and Amazon are said to be interested … Read more

Is Google Voice HIPAA Compliant?

Google Voice is a telephony service from Google used by people as a call forwarding and messaging service, among other functions. Many are asking the question of whether Google Voice is HIPAA compliant or not – can it be used by healthcare employees in compliance with HIPAA rules? Is Google Voice HIPAA compliant? Google Voice … Read more

Is Google Hangouts HIPAA Compliant?

Google Hangouts is one among many apps, social media tools, and messaging services that healthcare professionals want to use to share protected health information (PHI). Is Google Hangouts HIPAA compliant and can it be used to share PHI? Is Google Hangouts HIPAA Compliant? Healthcare organizations use a range of Google services every day. Google Hangouts, … Read more

Is Facebook Messenger HIPAA Compliant?

Is Facebook Messenger HIPAA compliant and can it be used by healthcare professionals to share protected health information (PHI) in compliance with HIPAA Rules? Healthcare professionals are increasingly using non-traditional communication tools and platforms. Many are wondering if these platforms can be used to share PHI. Somewhat thanks to Facebook’s popularity, their chat application Facebook … Read more

HIPAA Violation Reporting Requirements

HIPAA covered entities must know their obligations under the HIPAA Breach Notification Rule and have processes ready to be put in place should a protected health information (PHI) disclosure be discovered. Even if covered entities are familiar with the requirements in theory, those who have never suffered a breach may not understand their duties in … Read more

What is the Purpose of HIPAA?

The Health Insurance Portability and Accountability Act, more commonly known as HIPAA, imposes a number of restrictions and requirements on the healthcare sector, but what is the purpose of HIPAA? Healthcare staff can be quite vocal on things prohibited by HIPAA, but are the gains worth the effort? What is the Purpose of HIPAA? Enacted … Read more

What happens if a nurse violates HIPAA?

If a nurse violates HIPAA rules, what happens next? How would this HIPAA violation be dealt with and what penalties could an individual face for accidentally or deliberately violating HIPAA by accessing, disclosing, or sharing protected health information (PHI) without proper authorization? All covered entities and their business associates must follow the Health Insurance Portability … Read more

Rules Concerning HIPAA and Patient Telephone Calls Confirmed by FCC

A Declaratory Ruling and Order to clarify HIPAA rules concerning patient telephone calls has been issued by the Federal Communications Commission (FCC). Understanding of and compliance between the Telephone Consumer Protection Act (TCPA) and patient telephone call rules under HIPAA have long caused trouble for a number of healthcare providers. Finally, 24 years after the … Read more

Is FaceTime HIPAA Compliant?

FaceTime is a video call service offered by Apple between certain iOS devices, but is it HIPAA compliant? Would it be against HIPAA Rules to use FaceTime to share protected health information (PHI)? Below, we will review the security measures used by FaceTime; ask whether a business associate agreement (BAA) with Apple would be necessary; … Read more

The Benefits of Using Blockchain for Medical Records

Blockchain technology is widely spoken about when discussing the security of cryptocurrency transactions, but could blockchain be used for medical records? Could the use of blockchain technology benefit and improve the security of healthcare data? It is still early days when it comes to using blockchain to access medical records, but the potential improvements in … Read more

Is G Suite HIPAA Compliant?

Is Google’s G Suite HIPAA compliant? Can healthcare organizations and covered entities use G Suite and not be in violation of HIPAA? Google have included a number of security and privacy features in G Suite to ensure it can be used in a manner compliant with the HIPAA Security Rule. Google have also shown their … Read more