It is relatively easy even for rookie hackers to get into computer systems.
The challenge with information security is walking the line between tightly securing data and over-relaxing access.
Health care providers do not necessarily have to meet every HIPAA standard.
Physician organizations need to do a better job training staff in safeguarding protected health information and complying with HIPAA in other ways.
Practices involved in legal cases were penalized for not having completed a comprehensive risk assessment.
Among the first things practices should do is set up a check-out/check-in system.
Access control often is viewed as an IT-only job, but it is a shared responsibility.
In serious breach cases, the HHS Office for Civil Rights may impose CAPs to prevent breaches from recurring.
Encryption and keeping confidential information off laptops and cellphones are among the ways to prevent breaches.
Using ECG as a password enhances the security and privacy of the patient with minimal cost.
HHS fined providers for not having a business associate agreement in place or using an outdated one.
Providers are still not doing some of the most basic tasks required by the law.
Practices benefit from cost savings and easy access to patient records, but information breaches are still possible.
Medical practices can take a number of steps to make it more difficult to hack into their computer files.
Now providers can be sued for HIPAA violations related to breaches of protected health information.
Addressable doesn't mean optional: Having an implementation plan can be helpful in case of an audit.
As business associates come under greater scrutiny, healthcare providers could become more susceptible to audits and patient lawsuits.
Practices should review the list of 18 identifiers and remove each item before sharing data.
HIPAA requires physician offices to appoint a security officer, but a physician should not hold the position.
Patients' representatives, individuals designated to make medical decisions for them, have equal rights to access information under HIPAA.
Providers typically need business associate agreements with health information organizations.
New document from the Office of Civil Rights reminds providers of their responsibilities and offers compliance tips.
Many small practices fall short on requirements because they do not have the resources to comply.
Threats and vulnerabilities, such as hacking potential and password strength, should be considered.
Prepping for an audit can help reduce the risk of a breach.
Practices need to have a response plan in place.
Panel urges changes to an increasingly complex health care system.
Findings among veterans flagged for delayed diagnosis of prostate, colorectal cancer.
Simple fixes can help practices meet the 'minimum necessary' standard under HIPAA.
Experts recommend keeping certain policies on file.
Renal and Urology News Articles
Sign Up for Free e-newsletters
NEPHROLOGY & UROLOGY NEWS
- Acute Kidney Injury (AKI)
- Chronic Kidney Disease (CKD)
- Contrast Nephropathy
- Cardiovascular Disease (CVD)
- Diabetic Nephropathy
- End-stage Renal Disease (ESRD)
- Lupus Nephritis
- Peritoneal Dialysis
- Secondary Hyperparathyroidism (SHPT)