Recently, things may have sped up a little in your doctor’s office. The notes for your recent visit may have been organized and filed a little more quickly. You might have received assistance sooner than expected with a physician letter to your carrier concerning a claim. You also may have received copies of those medical
PHI
OCR Reminds Healthcare Providers and Their Business Associates – You Need an Incident Response Plan!
October is National Cybersecurity Awareness month, and the HHS Office for Civil Rights (OCR) has provided a timely reminder for HIPAA covered entities and business associates to have a written incident response plan! To learn why another policy is needed, what an incident response plan needs to include, and the reporting obligations, read the…
Small NJ Medical Practice Becomes 18th Target of OCR’s HIPAA Right of Access Enforcement Initiative
The Office for Civil Rights (OCR) has taken enforcement action against a small New Jersey plastic surgery practice for its failure to timely respond to a patient’s records access request. Putting in place relatively simple policies, carefully developing template forms, assigning responsibility, training, and documenting responses can go a long way toward substantially minimizing the…
OCR HIPAA Guidance For Getting PHI of COVID-19 Exposed Individuals to First Responders
With first responders on the front lines of helping to fight the coronavirus, sharing information about potential exposure to COVID-19 is critical to protecting them and preventing further spread. In these situations, the information shared is most often “protected health information” (PHI) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule.…
Is your e-PHI Secure? ONC and OCR Update HIPAA Security Risk Assessment Tool
October 2018 marks the 15th annual National Cyber Security Awareness Month. In honor of this occasion, the Office of the National Coordinator for Health Information Technology (ONC) and the HHS Office for Civil Rights (OCR) have jointly launched an updated HIPAA Security Risk Assessment (SRA) Tool to help covered entities and business associates comply…