Two recent settlements by large healthcare organizations remind us where the lines are being drawn by the Office of Civil Rights (OCR) of the US Department of Health and Human…
Tag: ePHI
HIPAA Audits – What the Feds found in the first round
With the relatively slow roll-out of regulations and enforcement, HIPAA audits always seemed as if they were something to be concerned with in the future, but not necessarily in the…
HIPAA Breach of PHI: Repairs are Costly, but Avoidance can be Simple!
The HIPPA Privacy Rule addresses Protected Health Information (PHI), and the HIPAA Security Rule directly addresses Electronic Protected Health Information (ePHI). In both cases, a HIPAA breach can be a…
HIPAA Compliant Email: some proactive strategies
Part two of a two-part series on HIPAA Compliant Email In Part I of this post, we reviewed some of the statements that the Office of Civil Rights (OCR), the…
HIPAA and Email: there are rules
Part one of a two-part series on HIPAA and email. Email has been widely used by both businesses and the general public for much of the last thirty years, and…
A Business Associate HIPAA Risk Assessment … “Why is it necessary?”
Organizations that were once “just” business associates of Covered Entities are realizing that they’re subject to HIPAA regulations to the same extent as the Covered Entities they contract with. And…