Appendix A to the Business Associate Agreement: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Often, my office gets calls and emails asking what Appendix A is to such an agreement and what should it say. We get these questions .. read more
New Mental and Behavioral NOPP in Premium Member Section: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Some of our mental and behavioral health practitioner clients had asked for a sample notice of privacy practices (“NOPP”) that incorporates the special, more stringent .. read more
California News re Health Information Privacy and Security and HIPAA Breach Notification Rule: HIPAA & HITECH Act Blog by Jonathan P. Tomes
In October 2014, Kamala D. Harris, Attorney General, California Department of Justice, released the California Data Breach Report. The report noted that, in the health .. read more
Phase II Audits: HIPAA Privacy, Security, and Breach Notification Heads Up: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Section 13411 of the HITECH Act requires the Department of Health and Human Services (“DHHS”) to audit covered entities and business associates to ensure that .. read more
Will HIPAA Let You Report a Suspected Ebola Case to Public Health Officials? HIPAA & HITECH Act Blog by Jonathan P. Tomes
If you encounter a patient that you suspect may have ebola, do you want to waste time wading through the HIPAA Privacy Rule to figure .. read more
MA AG Settles Cross-border HIPAA and Breach Notification Enforcement Suit: HIPAA & HITECH Act Blog by Jonathan P. Tomes
So only the state attorney general in the state in which you do business can file a lawsuit against you? Right? No, wrong. A Rhode .. read more
Hands-on HIPAA Compliance Workshop: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Is your organization’s HIPAA compliance lost at sea? As you may know, EMR Legal, Inc., is offering our 2-day Hands-on HIPAA Workshop October 16-17 aboard .. read more
Business Associates? How Low Can You Go? HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Omnibus Rule effectively made “downstream” business associates—that is, subcontractors—into business associates and thus effectively into covered entities. They are now effectively if not by .. read more
Next Stage of DHHS Audits Coming: HIPAA & HITECH Act Blog by Jonathan P. Tomes
The U.S. Department of Health and Human Services (“DHHS”) Office for Civil Rights (“OCR”) has not yet published an audit protocol for this year’s Phase .. read more
Hackers Gain Access to 4.5 Million Patients’ Data at Community Health Systems: HIPAA & HITECH Act Blog by Jonathan P. Tomes with Guest Commentator Attorney/Consultant Alice M. McCart
According to several national news sources, such as Fox4 News Kansas City, CNNMoney, Reuters, the Wall Street Journal, USA Today, and the Chicago Tribune, Community .. read more