Organizations, known as covered entities, subject to HIPAA regulations already have a difficult time preventing and detecting unauthorized access to patient information within their own organizations – now they have the added burden of managing the access of business associates. This was the case with Meritus Health, who recently notified the Department of Health and Human Services’ Office for Civil Rights that one of their business associates had inappropriately accessed patient information. … [Read more...]
PHI – Protected Health Information
HIPAA, the Health Insurance Portability and Accountability Act, directly affects all organizations that directly maintain and transmit protected health information. These include: health care providers hospitals physician practices dental practices health plans laboratories health care clearinghouses pharmacies, etc. In addition, business associates who work with these organizations and have access to protected health information, or PHI, now also fall under the HIPAA … [Read more...]
Proper Handling of Electronic Data
No one plans to have a data breach. People don’t intentionally leave themselves open to electronic data theft. But because some business owners and managers are not intentional about having a plan to protect their electronic data, many do put their companies at risk of a data breach or theft of electronic data. Most companies are aware of the risk of information theft associated with paper documents. Many have contracted with paper shredding companies to destroy their paper files. They will … [Read more...]
HIPAA Penalties for Breaches
An IT friend recently told us about a doctor who had his computer stolen from out of his office. The doctor, the victim of a robbery, ended up having to pay a $50,000 fine for his stolen computer– ouch! First your computer gets stolen and then YOU get fined? What’s up with that? HIPAA, that’s what. The HIPAA penalties for breaches are costly, painful, and…mostly avoidable. HIPAA penalties for breaches occur whenever a data containing device that has consumers’ personal health or other … [Read more...]