HIPAA Privacy & Security Compliance

HIPAA Privacy & Security: Conducting Your HIPAA-Required Security Risk Assessment

Tue, 11/07/2017 - 15:06
Roger Shindell, MS, CHPS, CISA, & Lorna L. Hecker, PhD, CHPS
A company based in the state of Pennsylvania that develops wireless technology that’s used to assist physicians in the care of their cardiology patients was recently fined in excess of $2 million for a HIPAA breach that occurred when the protected health information (PHI) belonging to nearly 1,400 individuals was compromised after a company employee’s laptop was stolen.  The Office for Civil... Read More

HIPAA Privacy & Security Compliance: The Dirty Little Secret About Medical Device Security

Wed, 09/06/2017 - 11:36
Roger Shindell, MS, CHPS, CISA
What are the rules regarding IMD safety? That all depends on whom you ask.    Imagine being a patient and having to worry about someone hacking into your newly implanted pacemaker. Could this really happen, or is this just an “old wives’ tale” with a millennial flavor? Back in 2007, doctors disconnected the wireless function in then Vice President Dick Cheney’s left ventricular assist device... Read More

Should Healthcare Providers 'Google' Their Patients?

Mon, 07/03/2017 - 14:15
Lorna L. Hecker, PhD, LMFT, CHPS, & Roger Shindell, MS, CHPS, CISA
The digital age in which we all live in and work in brings us unique opportunities from both a personal and professional standpoint. With most of us having easy access to the Internet while at home and on the go, which offers us free utilization of email, social media, and, to some extent, mobile apps, our ability to obtain and disseminate information has essentially become limitless. However,... Read More

HIPAA Privacy & Security Compliance: Are You at Risk of Improperly Managing Business Associates?

Fri, 03/31/2017 - 15:18
Roger Shindell, MS, CHPS, CISA, & Lorna L. Hecker, PhD, CHPS
In the world of HIPAA, you are your brother’s (or sister’s) keeper. Under the HIPAA HITECH Act enacted as part of the American Recovery and Reinvestment of 2009, that means, legally speaking, that any covered entity (CE) — namely the healthcare provider — is indeed liable for the actions of any business associate (BA). The BA, as it pertains to HIPAA, is any person or entity that performs any... Read More

HIPAA Privacy & Security Compliance: Think B4 U Send Text Messages

Tue, 02/07/2017 - 15:56
Roger Shindell, MS, CHPS, CISA
Provider-to-provider and provider-to-patient text messaging continues to increase. The risks and penalties associated with HIPAA violations are also on the rise.     The risks associated with sending electronic protected health information (ePHI) via unencrypted text messaging are significant, especially given the climate of rising enforcement of compliance as it pertains to HIPAA and HITECH.... Read More

HIPAA Privacy & Security Compliance: Dispelling Common Myths

Thu, 01/05/2017 - 16:29
Roger Shindell, MS, CHPS, CISA
With the hundreds of pages that it takes to cover the breadth of HIPAA regulations, not to mention the regulations’ inherent complexity, it’s no wonder myths and rumors about compliance abound. Additionally, there are many “experts” who have only limited training (or no training, in fact) on the regulations themselves. However, HIPAA audits performed by the U.S. Department of Health & Human... Read More

Cyber Security & HIPAA: Taking Security Measures Beyond General Compliance in the Wound Clinic

Fri, 10/07/2016 - 11:31
Lorna L. Hecker, PhD, LMFT, CHPS
Editor’s Note: This article was reprinted with permission.   Threats to the security of electronic protected health information (ePHI) evolve constantly, in ways that could not have been envisioned in 1996, when HIPAA was enacted. Cyber security has since become a term that’s front and center in our daily lives, personally as well as professionally.  This article will discuss what cyber security... Read More

HIPAA Privacy & Security Compliance: Disclosures to Law Enforcement

Thu, 09/15/2016 - 17:00
Roger Shindell, MS, CHPS
This article will discuss disclosures for law enforcement purposes permitted under HIPAA. Various scenarios will be introduced, with relevant HIPAA regulations integrated in the responses. There is often considerable confusion about the type of protected health information (PHI) healthcare providers can legally release to law enforcement, in part because state laws govern the release of patient... Read More

Hippocrates & HIPAA: What’s the Ethical Involvement?

Tue, 08/09/2016 - 16:06
Roger Shindell, MS, CHPS
Ethics focus on actions we should take — what we should and should not do. Ethics shape our values, cultures, and worldviews, and give us sensitivity to considering how our actions affect the welfare of others. In our society, we value privacy, which in the medical arena was not very well regulated until HIPAA was passed in 1996 and enacted in 2003 — even when considering the presence of the... Read More

HIPAA Privacy & Security Compliance: Managing the Use of Photographs and Videos in the Wound Clinic

Mon, 07/11/2016 - 15:18
Roger Shindell, MS, CHPS
Advanced digital technology has led to a proliferation of photo chronicling to help guide care and documentation. Is your wound clinic managing and protecting patient records appropriately?   When using photographs to more accurately document and to enhance a patient’s wound care treatment, privacy and confidentiality issues can arise that could put providers in violation of federal HIPAA... Read More

Pages

Subscribe to HIPAA Privacy & Security Compliance

Product and Industry News

More Product & Industry News

TWC Blogs

Alliance of Wound Care Stakeholders Advocacy Update

Alliance Educates PDAC & DMEMAC via a "Show & Tell" Seminar Enabling Staff to See/Touch/Feel Key Wound Care Products

4/19/2018
Rise of the Cyber Criminal in 2018: HIPAA Security Does Not Stop With Compliance

Reports of cyber attacks continue to be prevalent. However, healthcare providers may be unaware of a few important facts: 

  1. Healthcare, as an industry, sees more data breaches than any other.1
  2. Criminal attacks are the leading cause of data breaches in healthcare. 
  3. Data breaches in healthcare are consistently high in terms of volume, frequency, impact, and cost.2

Consider some high-profile cases in which cyber criminals have placed certain healthcare organizations in the news:

1/5/2018
Commentary: Should Patients Buy Offloading Footwear From You?

It is a challenging, common situation: wound care patients require offloading devices for diabetic and/or neuropathic plantar ulcers, but there is no insurance coverage for those items.  You explain that they will bear the cost of the product(s), but they believe the expenses should be covered by you. When you offer to sell the product(s) directly or suggest the patients purchase them elsewhere, they refuse. Ultimately, their wounds worsen or don’t improve.

1/5/2018
More TWC Blogs

Twitter Feed

More Twitter Feed

CLASSIFIEDS

Wound Care Medical Director
Monday, June 11, 2018 - 09:35
More Classifieds