HITECH Archives - Page 4 of 12 - Veterans Press, Inc.

Another State Fine for a HIPAA Security Breach: HIPAA & HITECH Act Blog by Jonathan P. Tomes

As we’ve previously noted in this blog, the Office for Civil Rights (“OCR”) of the Department of Health and Human Services (“DHHS”), the Federal Trade .. read more

On September 12th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach notification, compliance, criminal conviction, criminal HIPAA violation, data breach, EHR, EPHI, HHS, HHS audit, HIPAA, HIPAA civil money penalties, HIPAA compliance, HIPAA policies, HIPAA training, HITECH, HITECH Act, Jonathan P. Tomes, OCR, PHI, risk analysis, Security Rule, state fine for HIPAA security breach

What Will HIPAA Let You Do if You Are Slammed on Social Media? HIPAA & HITECH Act Blog by Jonathan P. Tomes

No matter how good a practitioner you are and how perfectly you handled a particular patient/client health problem, you could certainly end up with a .. read more

On September 3rd, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, compliance, criminal HIPAA violation, HHS, HIPAA, HIPAA social media, HIPAA training, HIPAA violation, HITECH, Jonathan P. Tomes, mental and behavioral health, OCR, OCR investigation, PHI, social media

Securing EHRs on Mobile Devices—New NIST Guidance: HIPAA & HITECH Act Blog by Jonathan P. Tomes

The single biggest category of DHHS civil money penalties involves loss or theft of EHRs on mobile devices. The only guidance in the Security Rule .. read more

On August 19th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach, breach notification, compliance, criminal conviction, criminal HIPAA violation, EHR, EHRs on Mobile Devices, emr, encryption, EPHI, HIPAA, HIPAA civil money penalties, HIPAA compliance, HIPAA policies, HIPAA training, HITECH, HITECH Act, Jonathan P. Tomes, NIST, PHI, risk analysis, Security Rule

Must You Audit Your Business Associates for HIPAA Compliance? HIPAA & HITECH Act Blog by Jonathan P. Tomes

Now that the HITECH Act and the Omnibus Rule have made covered entities potentially liable for breaches by their business associate, see Compliance Hit: Expanded .. read more

On August 12th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, audit, audit your business associates, breach, breach notification, business associate, cloud, compliance, data breach, EHR, emr, HHS, HHS audit, HIPAA, HIPAA compliance, HIPAA policies, HIPAA training, HIPAA violation, HITECH, HITECH Act, Jonathan P. Tomes, Omnibus Rule, PHI, Privacy Rule, risk analysis, Security Rule

DHHS Finally to Draft Rule for Sharing HIPAA Civil Money Penalties with Victims: HIPAA & HITECH Act Blog by Jonathan P. Tomes

DHHS has announced that it will issue the advance notice for receiving comments on proposed rules for sharing a percentage of HIPAA civil money penalties, .. read more

On August 5th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, audit, breach, business associate, compliance, criminal conviction, criminal HIPAA violation, data breach, HHS, HIPAA, HIPAA civi money penalties, HIPAA civil money penalties, HIPAA training, HIPAA violation, HITECH, Jonathan P. Tomes, OCR investigation, risk analysis

DHHS Issues Reminder to Address Physical Security, Particularly Workstation Security: HIPAA & HITECH Act Blog by Jonathan P. Tomes

In May 2018, the U.S. Department of Health and Human Services (“DHHS”) Office for Civil Rights (“OCR”) issued its Cybersecurity Newsletter, “Workstation Security: Don’t Forget .. read more

On July 8th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, compliance, encryption, EPHI, HHS, HIPAA, HIPAA compliance, HIPAA policies, HIPAA training, HIPAA violation, HITECH, HITECH Act, Jonathan P. Tomes, OCR, Office for Civil Rights, PHI, physical security, risk analysis, Security Rule, workstation security

Biggest HIPAA Civil Money Penalty Yet—How Does $5.5 Million Sound? HIPAA & HITECH Act Blog by Jonathan P. Tomes

Memorial Healthcare System (“MHS”) settled with the U.S. Department of Health and Human Services (“DHHS”) for $5.5 million for potential violations of the Health Insurance .. read more

Mental Health and Substance Abuse PHI Reporting under HIPAA: HIPAA & HITECH Act Blog by Jonathan P. Tomes with guest commentator Alice M. McCart, J.D.

Trying to figure out what HIPAA and the HITECH Act require in the way of disclosing protected health information (“PHI”) under various circumstances in general .. read more

On June 11th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, compliance, disclosure to prevent harm, HHS, HIPAA, HIPAA compliance, HIPAA policies, HIPAA training, HIPAA violation, HITECH, HITECH Act, Jonathan P. Tomes, mental and behavioral health, mental health, PHI, risk analysis, substance abuse

A Court Order Isn’t Necessarily a Court Order. What is necessary and sufficient? HIPAA &HITECH Act Blog by Jonathan P. Tomes

HIPAA is hard to understand, even for lawyers. One of the hardest HIPAA concepts to understand and apply is the difference between necessary and sufficient .. read more

On February 7th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Hands-on HIPAA Workshop, HIPAA, HIPAA compliance, HIPAA violation, HITECH, Jonathan P. Tomes, necessary and sufficient, PHI, Privacy Rule

Sample Release of PHI to Clergy Policy Posted in Premium Member Section: HIPAA & HITECH Act Blog by Jonathan P. Tomes

As I discussed in my December 21, 2017, blog post, which included a new Sample Media Policy, and my November 28, 2017, post regarding the .. read more

On January 7th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: compliance, Hands-on HIPAA Workshop, HIPAA compliance, HIPAA policies, HIPAA right of access, HIPAA training, HIPAA violation, HIPAA-Hysteria, HITECH, Jonathan P. Tomes, mental and behavioral health, Notice of Privacy Practices, OCR, Office for Civil Rights, PHI, privacy, Privacy Rule, release of PHI to clergy, risk analysis