Patient Privacy

Interoperability and HIE

Regulatory and Compliance

Medical Device Integration

Report Writing

Perspectives

Patient Privacy Made Smarter

It has been more than a decade since the HIPAA Security Rule established technical safeguards which require organizations to audit access to electronic protected health information. Since then, auditing programs have continued to grow in size and scope.

Read More

Update on HIPAA Audits, from an Insider

Iliana Peters, OCR’s Senior Advisor for HIPAA Compliance and Enforcement, was the featured speaker in the September 19 HealthcareITSecurity.com webinar sponsored by Iatric Systems. Her topic: "What Covered Entities Need to Know about OCR HIPAA Audits." As national lead for OCR enforcement of the HIPAA Rules, she’s uniquely qualified to give us an update on HIPAA audits.

Read More

New HIPAA Enforcer Means Business – Make Sure You’re Prepared

I was very interested to read a recent article in Healthcare Info Security about the new HIPAA enforcer’s plans. Roger Severino, the new director of the Department of Health and Human Services' Office for Civil Rights (OCR), says his top enforcement priority for the coming year is to find a major, egregious privacy breach to use as an example from which others can learn.

Read More

New Lessons on Patient Privacy Breaches and OCR HIPAA Settlements

When I came across this article on HealthITSecurity.com: "5 Lessons Learned in OCR HIPAA Settlements" I knew I wanted to share it with you. It reports on the outcome of the past two years of OCR HIPAA settlements and shows how likely it is for healthcare organizations to experience a breach at some point in time. As you will read, when healthcare organizations had a breach that caught them by surprise, they experienced significant reporting efforts and costly fines.

Read More

OCR is doing a good thing by making us “Eat our Vegetables”

Healthcare is, at its core, based on relationships. And, as with any relationship, trust is foundational to building and maintaining a strong relationship. Trust can be fragile and fleeting. It can be either eroded or enhanced in an instant.

Providers have to build a culture of privacy within their organization — one where privacy and security aren’t just occasionally mentioned, but frequently talked about. After all, healthcare providers are stewards of precious information.

Unfortunately, the data that healthcare providers have is also extremely valuable.

Read More

Why You Should Embrace an OCR Audit

News that your organization could be facing an audit is usually cause for anxiety and much gnashing of teeth. At best, it means scrambling to assemble the required information before the deadline expires. At worst...well, let’s not go there.

Read More

Reducing Improper Access of Patient Records by 98%

When hospital clinicians are accessing patient records thousands of times daily, how do you spot the access that’s questionable or worse?

Read More

4 Ways To Reduce the Number of Patient Privacy Audits

We all know that as EMRs replace paper records, it is impossible to manually review millions of audit logs to check for potential patient privacy breaches. As a result, in the past, most organizations resorted to random audits. I want to believe that a majority of healthcare organizations are now using technology to automate the monitoring of these patient access logs.

Read More

Map Your Way to a Successful Patient Privacy Program

I have had many conversations with our customers regarding patient privacy monitoring, including the importance of capturing and mapping key data elements such as Guarantor/Subscriber, Next of Kin, and High Profile Patients. These sites varied greatly in size — hospitals, critical access hospitals, HIE organizations, clinics, and providers. Each of these patient privacy monitoring implementations came with unique challenges. I have to say that it’s always interesting to learn what data customers want to include in their treasure chest, to deem their implementation successful.

Read More

Risk Based Patient Privacy Monitoring

Healthcare Privacy and Information Security programs have evolved substantially in recent years. This is due not only to the requirements of Meaningful Use, HIPAA, and HITECH, but due to the growing threats to our sensitive information. Recent Cyber security analysis estimates that nearly half of all cyber attacks identified in 2015 were directed at healthcare. Many of these incidents involved insider threats or the mishandling of information by staff. It can be a daunting task to keep our Privacy and Security practices ahead of the threats that target them. This is why a risk-based approach to auditing is not only helpful, it is necessary.       

Read More

Comments

0 COMMENTS