Posts Tagged ‘protected health information’
Tuesday, January 11th, 2022
This HIPAA compliance checklist was designed to help organizations understand their obligations under the law. The checklist items are not a complete list, just a starting point for your compliance program. HIPAA requires a yearly risk analysis to identify new vulnerabilities. Any business process change or new technology usage introduces new risk into an organization’s security program, so it’s important to review the standards regularly.
Read the rest of this post »
Tags: addressable, compliant, encryption, ePHI, hipaa, hipaa checklist, hipaa compliance, hitech, omnibus, phi, protected health information, security
Posted in LuxSci Library: HIPAA
No comments »
Tuesday, March 2nd, 2021
Telehealth is the new standard thanks to the Covid-19 pandemic. Many medical providers are finding that telehealth is a safer option during the pandemic, and it can also help increase patient access to healthcare and improve outcomes. Along with video appointments, the virtual medicine push includes making protected health information available to patients via a website and collecting similar private information from patients or would-be patients online.
However, where the health information of an identifiable individual is involved, the Health Insurance Portability and Accountability Act (HIPAA) is the official compliance document. The Omnibus rule requires all websites, old and new, to be appropriately designed, or their owners can face potential financial liability into the millions of dollars.
So, what do these requirements mean, and how can HIPAA be followed in the context of a website?
Read the rest of this post »
Tags: backup, disposal, electronic prescription, encrypted, escrow, form, Health Insurance Portability and Accountability Act, hipaa, hipaa-secure, patient, pgp, privacy agreement, protected health information, s/mime, secure ftp, secureline, ssl, web form, web site
Posted in Business Solutions, LuxSci Library: HIPAA, Popular Posts, Secure Form
2 Comments »
Friday, September 15th, 2017
There is often a great deal of confusion and misinformation about what constitutes ePHI (electronic protected health information) and how to protect it under HIPAA requirements. Even once you understand ePHI and how it applies to you, the next question becomes, where is ePHI permitted? What is secure and what is not?
We will answer the “what is ePHI” question in general and the “where can I put it” question regarding web and email hosting and Secure Form processing at LuxSci.
Read the rest of this post »
Tags: business as, covered entity, email, ePHI, hipaa, omnibus, protected health information
Posted in LuxSci Library: HIPAA, Popular Posts
No comments »
Tuesday, September 12th, 2017
Many organizations, especially in the healthcare industry, have an urgent need to send important and sensitive information, like protected health information (what constitutes PHI?), to organizations via FAX (facsimile).
Why? Because this is how it has always been done, and everyone is “set up” to be able to handle FAXes quickly and efficiently.
Go back in time 10-15 years. Every doctor’s office and small business had one or more FAX machines for sending documents and pictures back and forth. It was essential technology that became ingrained into business processes through constant, repetitive use. Everyone knows how to use a FAX machine, even the most technologically challenged staff member.
Fast forward to now:
- Fax Machines have changed. They are now all-in-one devices that scan, print, copy, send files to your computer, and more. The “FAX” ability is now just a minor extra feature.
- HIPAA has arrived and evolved. It used to be that sending patient (ePHI) data via FAX was the norm. Now, it is perilous to send such private data over regular FAX lines, as it is easy for that process to break down and violate HIPAA. E.g. see this $2.5 million dollar law suite resulting from 1 fax message.
- Everyone has a computer or tablet. Most doctors and staff members have access to email, a HIPAA-secured computer or tablet, and familiarity with how to use them … and have been trained on best practices via the required HIPAA security training that everyone has to have now-a-days.
- Paperless offices. Workplaces have or are evolving to become paperless — everything is stored electronically. Regular FAXes are often disdained in favor or email; when regular FAXes do arrive, they are often scanned to electronic files and then destroyed.
- Low resolution. Faxes are low-resolution. They are slow and they do not contain a great amount of detail. They are not great for sending anything graphical.
Read the rest of this post »
Tags: document, facsimile, fax, hipaa, hipaa compliant, hipaa fax, hipaa security, phi, phone, protected health information, Safeguards Principle, secure, secure fax
Posted in LuxSci Library: HIPAA, Popular Posts
3 Comments »
Friday, August 30th, 2013
Performing daily business transactions through electronic technologies is accepted, reliable, and necessary across the nation’s healthcare sectors. Therefore, electronic communications and email have become a standard in the healthcare industry as a way to conduct business activities that commonly include:
- Interacting with web-savvy patients;
- Real time authorizations for medical services;
- Transcribing, accessing and storing health records;
- Appointment scheduling;
- Referring patients; and
- Submitting claims to health plan payers for payment of the services provided.
Read the rest of this post »
Tags: access control, addressable, audit controls, authentication, covered entities, email security, email security rule, encryption, ePHI, Health Insurance Portability and Accountability Act, heathhealthcare, hipaa, hitech, integrity, omnibus, phi, privacy, protected health information
Posted in AAA Featured Articles, LuxSci Library: HIPAA
9 Comments »