HIPAA

Many healthcare providers are unclear as to when a request is made by an individual pursuant to a HIPAA authorization versus a HIPAA access request, particularly when a patient wants records to be sent to a third party, a HIPAA compliance officer at a law firm explained.

Healthcare providers should take steps now to ensure that the telehealth modalities they use are HIPAA compliant.

The US Department of Health and Human Services’ Office for Civil Rights has levied big fines against medical organizations who failed to adhere to HIPAA requirements to release medical records to patients at their request.

Hackers have penetrated healthcare providers’ computer systems to encrypt information and demand money for its release.

Putting information in the cloud can be a good move for a physician’s practice — but only if done well.

Regardless of the challenges a smaller group might have, a risk assessment is a baseline for any HIPAA program. The cost of this assessment is considerably less than a HIPAA fine.