Art Gross

Exceptions to a HIPAA Breach

By Art Gross – In 2007 the Guide to Medical Privacy Law was published. It indicated that on multiple occasions hospitals, EMT services, schools, and other public agencies were incorrectly withholding news out of a fear of violating HIPAA policy. Often, there isn’t a clear understanding as to what constitutes exceptions to HIPAA and who can say what.

Read More

What is the Digital Front Door?

By Art Gross – The traditional way to see your healthcare practitioner was to call the office, schedule an appointment and when the time came, go to the office for your visit. You’d get there and then open the front door to attend your appointment.


What’s the HIPAA Omnibus Rule?

By Art Gross – The HIPAA Omnibus Rule was established to identify and further outline accountability within the entities of healthcare regarding patient data. To understand the HIPAA Omnibus Rule and how it affects these entities, we need to understand who and what are the “moving parts” that make up the operation.


The 18 PHI (Protected Health Information) Identifiers

By Art Gross – HIPAA regulations are in place to ensure that you protect and secure the patient data that as a healthcare business, you have access to and collect. The Department of Health and Human Services has identified 18 patient identifier categories as it pertains to their guidance on satisfying the safe harbor method for de-identification per §164.514(b):


HIPAA Compliance Audit: What to Expect

By Art Gross – “We’re being audited!” Those words strike fear and uncertainty in most of us – especially if you are in healthcare. But what actually happens in a HIPAA audit? Will a government official show up unannounced with a briefcase and ask for you to produce every bit of your business’s HIPAA documentation while sequestering your team in a conference room? Not quite.



HIPAA Security Officer

By Art Gross – Recently we went over the role of the HIPAA Privacy Officer and what responsibilities that individual would oversee, as well as what qualifications an ideal candidate would bring to the position. Additionally, HIPAA Regulations require that you formally identify a Security Officer in addition to a Privacy Officer, but they can be the same person.