Crafting log-on banners helps staff safeguard protected info. Don’t have the time or energy to tie strings around your workforce’s fingers to remind them about the importance of safeguarding the privacy of protected health information (PHI)? Well, here’s a far more practical and effective way to remind your staff to be on guard when it comes to handling PHI.
Wednesday, April 21, 2010
Stop unauthorized PHI disclosures before they start with ‘RBAC.’ If you don’t limit the amount of confidential data your staff can access, how can you ensure that unauthorized disclosures of medical information don’t occur, in violation of HIPAA? One way is to implement a Role-Based Access Control (RBAC) model to determine who has access to your organization’s medical data files. We’ll show you how to get started.
Wednesday, April 21, 2010
Question: Does the HHS Office of Civil Rights verify the complaints it gets concerning breaches of private health information in alleged violation of HIPAA’s privacy or security rules before launching an investigation? As a covered entity, we’re concerned that someone might decide to use the breach reporting system on OCR’s web site to make totally unfounded complaints and harass our organization. Read on for the answer, straight from the OCR’s mouth…
Wednesday, April 14, 2010
Question: A patient requested that we account for all disclosures of her protected health information (PHI). Does the privacy rule require us to provide her with the names of each employee who accessed her medical information? Answer: No, says Kelley Meeusen, privacy officer for Harrison Hospital in Bremerton, WA. “HIPAA created a clear distinction between ‘uses’ and ‘disclosures,’” and internal employee access is most likely a ‘use,’ he explains.
Wednesday, April 7, 2010
Don’t let lost pen-drives and other removable media cause deep regrets. You have your protected health information (PHI), but can you take it with you? Yes, you can, but unfortunately, so can many others who shouldn’t. HIPAA requires you to have controls on so-called “removable media.” Here are some simple tips you can use to keep pen-drives, CD-ROMs, external hard disks, and other media properly accounted for. HIPAA’s security rule requires you to take certain precautions when it comes to media devices that contain PHI [164.310(d)(1)]. That means you have to implement policies and procedures that address the receipt and removal of hardware and electronic media that contain electronic PHI into and out of your facility, as well as the movement of such media within your facility. 1. Identify your problem areas. How many pen-drives contain PHI in your facility? Do you know where they are at all times? There are…
Wednesday, April 7, 2010
De-identification safe harbors in the new HIPAA Privacy rule may be tempting: The new penalty provisions of the rule do not apply – nor does HIPAA in general – to the loss or disclosure of protected health information that has been “de-identified,” or, so to speak, “cleaned.” If your practice or organization is interested in learning how to de-identify health information so that you don’t have to worry quite so much about the new penalties – which can now reach $1.5 million – read on for a primer, along with the possible downsides.
Thursday, March 25, 2010
Plus, your chance to ‘eavesdrop’ on security breaches among healthcare providers across the nation. Any health information professional who uncritically sings the praises of electronic health records should check out this psychiatrist’s op-ed piece in The Wall Street Journal. EHRs have the potential to actually decrease quality of care “if patients fear sharing information with their doctors because they know it isn’t private,” writes Dr. Deborah Peel, a practicing psychiatrist who’s the founder of Patient Privacy Rights. “When patients realize they can’t control who sees their electronic health records, they will be far less likely to tell their doctors about drinking problems, feelings of depression, or exposure to sexually transmitted diseases.” And there’s ample evidence that patients already doubt that their medical records are private and secure, despite those long HIPAA forms they routinely sign in doctors’ offices. For example, fifty-nine percent of…
Monday, March 22, 2010
Learn these facts before you nail down your HIPAA plan with a consultant. You may be relieved to find a consultant who is willing to take over the overwhelming task of helping you protect the privacy in your medical records — but keep in mind that not all outsourced privacy protection companies are the same. Last week, the Federal Trade Commission (FTC) settled with LifeLock, Inc., a company that offered identity protection services. “According to the lawsuit, LifeLock claimed its service would protect consumers against all forms of identity theft, when, in fact, LifeLock offered only limited protection against only some forms of ID theft,” the FTC’s statement noted regarding its $11 million settlement with LifeLock. If you’d like help staying current with HIPAA privacy regulations, consider these tips before you outsource any of your privacy needs. 1. The Government Does Allow HIPAA Consultants. Practices that are gun-shy about asking for…
Thursday, March 18, 2010
Question: For demonstration purposes in a sales context, if a picture or video of a patient were used with no identifying information, would this violate Health Insurance Portability and Accountability Act (HIPAA)? Answer: A photo is an identifier, explains Kristen Rosati, a partner at Coppersmith Gordon Schermer Owens & Nelson. Why? Read on …
Thursday, March 11, 2010
Warning: Your physicians are strumming your compliance pain with their file-sharing fingers. If HIPAA compliance is your business, you’ll want to note a new study pointing toward a disturbing trend: doctors risking patients’ personal health information (PHI) through file-sharing — typically without even knowing about it. The study, conducted among U.S. IP addresses containing PHI and using file-sharing features, found that “search terms used in these file-sharing networks showed that a small percentage of the terms would return PHI … files.” This “small percentage” actually translates into thousands of U.S. computers, meaning PHI is out there for the plucking if physicians aren’t careful. “There are people successfully searching for … PHI on the peer-to-peer file-sharing networks,” according to the JAMIA study, “The inadvertent disclosure of personal health information through peer-to-peer file sharing program.” Some Features Difficult to Undo JAMIA divides its study…
Wednesday, May 12, 2010