HIPAA-HITECH and Regulatory Compliance

HIPAA-HITECH compliance is a must for Covered Entities and Business Associates. HIPAA audits are carried out to ensure HIPAA-HITECH compliance. The HITECH Act was passed to set up processes to determine and investigate whether healthcare providers are compliant with the provisions of the Privacy Rule and the Security Rule. The Office of Civil Rights is responsible for enforcing these Rules through audits.

HIPAA Omnibus Rule is a near total rework of the HIPAA

The HIPAA Omnibus Rule of 2013 was promulgated to make changes into the existing HIPAA of 1996. These are considered the most far-reaching changes into the legislation since its birth. more...


HIPAA risk analysis vs. risk assessment

HIPAA risk analysis vs risk assessment is an interesting point, because it can be a little confusing. Healthcare professionals, however, grasp the subtleties between the two and help healthcare organizations clear confusions about the two of them. more...


ePHI protection rests on the foundation of HIPAA risk analysis

HIPAA risk analysis is the fulcrum for ePHI protection; yet, the principles enunciated here are general. Healthcare organizations need to select the right standard and implement it to secure their ePHI. more...


HIPAA safeguards are of utmost significance in ensuring privacy of health information

HIPAA safeguards are a set of comprehensive protections of health data from ePHI. Organizations that need to be HIPAA compliant have to implement these. more...


HIPAA Security Rule Policies and Procedures are to be tailored according to an organization's requirements

HIPAA Security Rule policies and procedures give Covered Entities enough leeway in implementing its guidelines. It advocates flexibility and common sense in approach, as the needs of each healthcare organization are different and specific. more...


HIPAA Survival Guide

The HIPAA Survival Guide is a set of practical help guides that seek to make compliance with HIPAA and HITECH easy for providers. This kit is some kind of checklist on what to keep in mind and implement to survive a HIPAA audit. more...


HIPAA and Security Breaches

HIPAA has clearly defined rules on how to report security breaches. Reporting these according to prescribed norms is in the best interest of Business Associates, Covered Entities, as well as individuals whose security has been breached. more...


Tips for being successful at a HIPAA Audit

A HIPAA audit is very important for service providing organizations, because the penalties for violations can bring their business down. It is important to understand the nuances of a HIPAA audit if one has to be successful. more...


HIPAA Compliance and Patient Care

Incidental disclosures form the crux of HIPAA compliance and patient care. HIPAA has elaborate rules on how to maintain these and in what situations. more...


HIPAA Compliance is a vital requirement for healthcare providers and a host of other players

Compliance with the Health Insurance Portability and Accountability Act (HIPAA) is a core requirement of the stakeholders involved in health information. more...


HIPAA Fundraising now has a fully refreshed set of requirements

HIPAA fundraising has now been cleared of all its earlier ambiguities. The HHS-issued Final Omnibus Rule of 2013 does away with many of the fallacies of the earlier legislation and arms both the patient and healthcare provider with added strengths. more...


Portable Devices and HIPAA

Portable devices and HIPAA are not the best of friends. The advent of portable devices as a means of information sharing has spawned the need to look at the HIPAA Security Rule afresh. more...


Understanding Medical Identity Theft and ways of preventing it

Medical Identity Theft is a common phenomenon in today's situation, where most health records are digitized. Although a lot of precaution goes into the security and protection of these records, Medical Identity Theft is a cause for worry. more...


HIPAA violations in the social media

One of core requirements of The Health Insurance Portability and Accountability Act (HIPAA) is the protection of Patient Health Information (PHI). This is a requirement on which there is no compromise or exception. Breach of PHI can result in fines ranging up to $250,000 and/or imprisonment of up to a decade. This makes the prospect of a HIPAA violation very dangerous. more...


A few ethical issues in Electronic Health Records

To say that the rise of the idea of Electronic Health Records (EHR's) has revolutionized the way patient information is created and accessed is to make a big understatement. A typical byproduct of the Internet revolution, EHR's have absolutely hastened the way caregivers and physicians have access to medical records. This has accelerated the speed of caregiving. So quick and widespread has the use of EHR's been that the American Congress found it necessary to legislate a federal statute to regulate this activity. more...


The Electronic Health Record Standards of 2010

In July 2010, the Obama administration chalked out new Electronic Health Record Standards. These Electronic Health Record Standards were a major improvisation on the standards that existed till then. The idea behind revising the existing Standards is to engender full conversion, to avoid duplication of data, and to bring about greater coordination of data across the various sectors of the healthcare industry, as well as to put in automation processes that bring about better, smoother and more dependable care. more...


HIPAA violations and law enforcement

Protection of health information of patients is one of the primary aims that the Health Insurance Portability and Accountability Act (HIPAA) seeks to achieve. This being the case, it is natural that whenever an entity that is tasked with protection of this data fails to achieve this, it has to face penalties and other punishments for HIPAA violations. HIPAA violations and law enforcement play a major role as a medium in ensuring that patient information is kept confidential as required by this legislation. more...


Choosing the right HIPAA/HITECH Compliance Solutions

HIPAA/HITECH require a high degree of compliance with the standards set out in them. Covered Entities, consisting of Business Associates, healthcare providers and health plans have to implement provisions of the HIPAA/HITECH. more...


HIPAA Enforcement trends

Health Insurance Portability and Accountability Act (HIPAA) is a legislation of the American Congress. HIPAA enforcement consists of taking steps to confirm that rules set out in HIPAA are being complied with by the requisite entities. more...


Some notable HIPAA Myths and Facts

The Health Insurance Portability and Accountability Act, more popularly called HIPAA, is the defining federal statute on health privacy. It was enacted in 1996 under President Bill Clinton, and is as of now the only national health privacy law in the US. Although two decades have lapsed from the time of the passage of this important legislation, there still persist many myths and misconceptions about HIPAA. more...


HIPAA Privacy Myths

HIPAA, the most comprehensive and as of now, the only truly Pan-American federal statute on health information, is unfortunately, still a target of misconceptions and myths. In particular, the Privacy Rule, which is the cornerstone of HIPAA's rule on confidentiality of patient information, offers room for many misconceptions. more...


The HIPAA/HITECH Security Audit

The federal Health Insurance Portability and Accountability Act (HIPAA) was legislated in 1996 with the primary aim of ensuring that employees who are in the process of changing or leaving their jobs do not lose their health insurance benefits. Additionally, HIPAA sought to bring down health care fraud and abuse by mandating pan-industry standards for the protection of health care information and automated billing and other related processes, and for ensuring the security of Protected Health Information (PHI). more...


OCR Audits are slated for early 2016

The Office of Civil Rights (OCR) carries out Healthcare Insurance Portability and Accountability Act (HIPAA) audits of Business Associates and Covered Entities. The purpose of these audits is to ensure that these entities are compliant with the provisions laid out in HIPAA under the HITECH Act. more...


Patient Rights granted under HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) was passed in 1996 with the chief aim of protecting employees from health insurance benefits when they lose or change jobs, and for facilitating patient records through automation. It seeks to ensure patient privacy by establishing a set of national standards for electronic patient health information and what are called Business Associates and Covered Entities. more...


HIPAA Breach Notification Rules and its new version

Let us begin at the beginning: What is breach notification? The term is pretty simple to understand. It means notifying the authorities whenever there is a breach of Protected Health Information (PHI). Covered Entities (CE's) and Business Associates (BA's), who are closely associated with PHI, and individuals whose PHI data are breached, are required to bring such data breaches to the notice of the authorities, whenever there is one. more...


Practical steps to compliance with HIPAA Computer Policy

That the HIPAA has a clear and stringent policy on computers is absolutely understandable, because computers constitute the very soul of HIPAA. Ensuring security of patient data is one of the core causes for which HIPAA was enacted; so, it is only natural that Computer Policy should be at the center of HIPAA compliance. more...


The HIPAA Enforcement Rule

The HIPAA Enforcement Rule is a decree from HIPAA that sets out the rules that govern the responsibilities and requirements of Covered Entities and Business Associates about how it expects them to cooperate in the enforcement process. The HIPAA Enforcement Rule also sets out another important principle: It lays out rules describing how the Human and Health Services (HHS) investigates noncompliance by Covered Entities and Business Associates. This the HHS does through two mechanisms: Investigation of complaints it receives, and through compliance reviews. more...


The HIPAA self-assessment tool - a brief understanding

HIPAA self-assessment is an essential part of organizations that come under HIPAA. HIPAA self-assessment is to be done by organizations from time to time as a means to ensure that they are compliant with HIPAA requirements. more...


IT and HIPAA are indispensable to each other

IT and HIPAA go hand in hand, since the core aim of HIPAA is ensuring IT security. HIPAA issues broadly stated compliance requirements that organizations and practices have to adapt to suit their unique needs. more...