Blog Archives

The First Steps to Becoming HIPAA Compliant

When we schedule an appointment to go over HIPAA compliance with a new client, we are always asked, “Where do I even start?” by the owner or practice manager. Becoming HIPAA compliant is a complex proposition that takes time, knowledge,

Posted in HIPAA, Privacy, Security

HIPAA Incident Response and Reporting

Healthcare organizations must take extra special care of protected health information (PHI). And part of the HIPAA Security Rule is a group of rules regarding how to respond to a security incident and how to go about reporting that

Posted in HIPAA, Privacy, Security

Business Associate Agreements Between Covered Entities

During our mock HIPAA audit process, we always verify Business Associate Agreements (BAAs) for our clients who are either Covered Entities (CEs) or Business Associates (BAs). In the process of deciding which BAAs are required, we are often asked about what

Posted in HIPAA, Privacy

Discussing PHI With Relatives and Friends of Your Patient

I was recently asked about the following situation: If a patient’s wife, mother, husband, father, or friend calls in to make an appointment on their behalf, what all can I discuss with them? Do I need a patient’s authorization first

Posted in HIPAA, Privacy

How to Prepare For HIPAA Breaches

There are many steps you can take to prepare your organization for a HIPAA breach. If you are proactive, you can mitigate the severity of a breach considerably. And if you have the right policies in place, you can save

Posted in Business, HIPAA, Privacy, Security

HIPAA and Minimum Necessary Disclosures

HIPAA regulations state that when using or disclosing PHI (protected health information) or when requesting PHI from another covered entity (a doctor’s office, dental practice, etc.), a covered entity must make reasonable efforts to limit PHI, to the minimum necessary, to

Posted in Dental, HIPAA, Privacy, Security

Rules For Sending And Receiving Protected Health Information (PHI)

HIPAA requires that covered entities (organizations that provide treatment to patients, bill insurance plans, or create protected health information (PHI)) protect their PHI. This protection extends to sending and receiving PHI. Moreover, there are specific rules for how to

Posted in Business, Email, Encryption, HIPAA

HIPAA Compliance For Nonprofit Organizations

There are more than 1.5 million nonprofit organizations in the United States. Of those, the National Center for Charitable Statistics estimates that over 170,000 are in the health-related sector. Many of these health services nonprofits are currently unaware that

Posted in HIPAA, Security

OCR Announces Fines for Breaches Affecting Fewer Than 500 Patients

As a HIPAA compliance IT consultant, I work with many small dental and medical practices that are affected by HIPAA regulations. For many years, dental practitioners and boutique medical service providers have been able to fly under the radar of

Posted in Business, Dental, HIPAA, Security

The Importance of Encryption for HIPAA Compliance

Encryption... what does it mean to encrypt something? Why is it important? And why is it particularly important for covered entities and business associates in the health services industry? What can you do to make sure your data is

Posted in Cloud, Data Backup, Dental, Email, Encryption, HIPAA, Security