4Med+ Online Courses Available for XXX Clients
4MedPlus Accredited Online Training is available at a special discount through our partners at XXX. During checkout, please use the coupon code XXX20 to receive a 20% Discount.
Business Associate Agreement Hot Points
If an organization is involved in healthcare, whether as a provider, facility, consultant, vendor or in almost any other capacity, it is highly likely that HIPAA applies to internal operations and relationships with other parties. As should be well-known, when a relationship is established with one party providing services for or on behalf of a covered entity (this means a healthcare provider, health plan, or healthcare clearinghouse), then the party providing the service is a business
The Trouble with Medical Data
As an educator in healthcare, I am struck by the sheer volume of information that must be collected and submitted by clinicians. Courses we develop are designed to make that job easier, but wow! Seriously, this is complicated stuff. And while I believe that most clinical providers are educated and more than capable of managing complex tasks, it seems to be a serious burden on them to juggle all that is required while continuing to do their primary job, which is to provide quality patient
A Cautionary Tale of Celebrity Breach
The company I work with, 4MedPlus, is based in the beautiful city of Chicago, Illinois with a mission to provide critical compliance education. Many courses are dedicated to the subject of HIPAA and security in one form or another. We regularly present workshops, always including and specifically addressing the ‘minimum necessary standard’ which is an important protection and requirement of the HIPAA Privacy Rule. This standard is based on the practice that protected health information should not
What’s the Goal: HIPAA Enforcement
Compliance with HIPAA and the attendant privacy and security requirements is a frequent topic of discussion. Discussions around compliance are driven by the daily reporting of breaches and the probably more than daily issues faced by patients, clinicians and others when HIPAA is misinterpreted. In that face of all of these issues, there are not many options to turn to in order to obtain redress. Unless state law offers some alternative, HIPAA permits filing a complaint with an organization’s
5 Tips for Protecting your Electronic Health Records
As we move more and more into the digital age, the presence of Electronic Health Records is continuously growing, making the perfect targets for criminal activity. It is crucial that your organization takes proactive measures to ensure its data is protected and not readily available for cybercriminals. Here are five tips that can help you protect your organization and the sensitive data it stores from falling into the wrong hands:1. Perform Risk Assessments Regularly Don’t underestimate the
QPP Website Now Includes 2019 MIPS Measures and Activities
The Centers for Medicare and Medicaid Services (CMS) has updated the “Explore Measures” tool on the Quality Payment Program website for the 2019 performance period. The website now includes 2019 Merit-based Incentive Payment System (MIPS) measures and activities for the four performance categories: Quality Cost Improvement Activities Promoting Interoperability Please note, the “Explore Measures” tool is only for informational and estimation purposes. It can’t be used to submit or attest to
HIPAA Complaints, OCR Investigations, and Security Risk Analysis for Healthcare Delivery Organizations – A Common Thread
Many HIPAA covered entities (CEs) and business associates (BAs) may not be meeting the regulatory mandate as defined in §164.308(a)(1)(ii)(A) of the HIPAA Security Rule. This implementation specification requires that healthcare delivery organizations (HDOs) “Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the covered entity or business associate.”This
HIPAA Musings: Random Thoughts on Privacy and Security
With the holidays quickly receding, there was some time for reflection. When given that time (and honestly spurred to some degree by the HIPAA request for information), different issues about HIPAA wandered through my mind. With so many issues to ponder, and taking a page Boston Globe sports columnist Dan Shaughnessy and his picked up pieces columns, here are various musings about HIPAA: Why is it assumed that HIPAA and the goals of value-based care cannot co-exist with HIPAA as currently in
Picking Up the Pace: More HIPAA Settlements
After a slow start to the year in terms of HIPAA settlement, the Office for Civil Rights (OCR) is trying to finish the year with a bang. Since September 20, 2018, OCR has announced four different HIPAA settlements. The nature of the conduct underlying each settlement has varied widely. As such, it remains difficult to determine what facts or circumstances will most interest OCR in pursuing an issue for the imposition of a penalty.
Secure HIPAA Compliant E-mail: 5 Common Myths & Facts
Every day I field questions about HIPAA compliant e-mail, and many days I see or hear something that leads healthcare organizations and their business associates in the wrong direction. These Myths and Facts can help you make the right e-mail decisions. I have included links to give you more...