Author Archives: Mary Johnson

How to Investigate a Suspected Breach

To manage incidents and suspected breaches: Adopt a policy and a well-defined process to clearly identify: 1. What constitutes a breach? 2. Report to ? 3. Steps for staff incident and breach response Have on hand: 1. Investigation forms to … Continue reading

Posted in Did You Know?, HIPAA/Omnibus | Comments Off on How to Investigate a Suspected Breach

Medical Identity Theft On the Rise

The number of identity theft victims increased 20% in the past year with an estimated 313,000 new cases of medical identity theft. HCPro HIPAA Update on Ponemon Institute’s 2013 Survey on Medical Identity Theft. As a result the number of individuals who … Continue reading

Posted in Did You Know?, Medical Identity Theft | Comments Off on Medical Identity Theft On the Rise

Notice of Privacy Practices Templates Available

Model notices of privacy practices are available in three customizable styles for your covered entity or health plan. A collaboration between The US Department of Health & Human Services (HHS) and the Office of the National Coordinator use of these … Continue reading

Posted in Did You Know? | Comments Off on Notice of Privacy Practices Templates Available

Cancer Registries and Minimum Necessary

HIPAA Q&A: How do CEs comply with the “minimum necessary” requirements under HIPAA?        HIM-HIPAA Insider, September 9, 2013 Does HIPAA require giving access to all of our patients’ records, even those without cancer, to our local hospitals if … Continue reading

Posted in Minimum Necessary | Comments Off on Cancer Registries and Minimum Necessary

Business Associate Agreement Decision Tree

WEDI Business Associate Agreement Decision Tree  

Posted in Did You Know?, HIPAA/Omnibus | Comments Off on Business Associate Agreement Decision Tree

Large patient breach number approaches 600

OCR has reported 31 large patient information breaches in less than two months, according to its breach notification website. OCR, the HIPAA privacy and security enforcer, had reported 543 patient-information breaches affecting 500 or more individuals as of March 1. … Continue reading

Posted in HIPAA/Omnibus | Comments Off on Large patient breach number approaches 600

5 steps to protect patient privacy

1. Update policies and procedures to include mobile devices and BYOD. This is especially critical if your organization permits employees and medical staff to use their own mobile devices to connect to their networks or enterprise systems such as email. 2. … Continue reading

Posted in Did You Know? | Comments Off on 5 steps to protect patient privacy

State of MN Notice of Patient Rights

This notice of patient rights to records is to be posted in each clinic. Notice includes when records can be accessed without notifying the patient and is available in several languages. http://www.health.state.mn.us/divs/hpsc/dap/notice.pdf    

Posted in Patient Rights | Comments Off on State of MN Notice of Patient Rights

Hot first half of March for OCR large breach reports

OCR has reported about a breach a day over the first two and a half weeks of March, according to its breach notification website. OCR, the HIPAA privacy and security enforcer, had reported 543 patient-information breaches affecting 500 or more … Continue reading

Posted in HIPAA/Omnibus | Comments Off on Hot first half of March for OCR large breach reports

ONC Health IT Resources for CAH and small, rural hospitals

Resources for Critical Access Hospitals and Small Rural Hospitals ONC has launched the first in a series of web pages tailored to meet the health IT needs of Critical Access Hospitals (CAH) and small, rural hospitals. This effort is in support of … Continue reading

Posted in Electronic Records | Comments Off on ONC Health IT Resources for CAH and small, rural hospitals