By Matt Fisher – Not a day goes by (or many posts on The Pulse Blog) without a discussion of the rapid increase in data breaches impacting the healthcare industry. Information and statistics in this regard are inescapable.
Read More
By Grant Elliott – Are you considering HITRUST but haven’t yet put your HIPAA house in order? That’s similar to starting college when you’ve not yet earned your high school diploma. While both HIPAA and HITRUST share the common goal of protecting healthcare data and personal health information (PHI), they differ in very fundamental ways.
By Matt Fisher – Stop if you’ve heard either of these or some other variation before: I can’t tell you anything about that patient because of HIPAA or I can’t give you a copy of your medical records because of HIPAA or HIPAA doesn’t let me say anything.
Part 2 of my interview with Carl Kunkleman, the co-founder and senior vice president of ClearDATA, specifically about why small and community hospitals struggle with conducing a security risk analysis. Here is part 2 of the interview.
I had an opportunity to talk with Carl Kunkleman, the co-founder and senior vice president of ClearDATA, specifically about why small and community hospitals struggle with conducing a security risk analysis. Here is part I of the interview.
By Matt Fisher – What is the response when an individual submits a request to receive access to their medical record? The response can often be one of frustration over the time and effort that will go into compiling the record in response to the request.
The American Health Information Management Association (AHIMA) announced a first-of-its kind standardized model Patient Request for Health Information form to help healthcare providers streamline patient health information request processes
By David Harlow – In thinking about patient privacy, many folks assume that HIPAA is the first and last word on the subject. Nothing could be farther from the truth. Protected health information under HIPAA (PHI) is also protected by a variety of other federal and state regulatory schemes.
By Clyde Hewitt – If one lesson is clear from the constant stream of recent settlements announced by the Office for Civil Rights, it is that covered entities are not implementing risk management plans to reduce risks to protected health information (PHI) to an acceptable and appropriate level.