Month: October 2018

Anti-Kickback Statute

Today, I am presenting a case study of what happens when a Covered Entity (CE) and a pharmaceutical company collude to violate the Federal Anti-Kickback Statute and the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. Healthcare has a Federal Anti-kickback Statute (AKS), 42 U.S.C. § 1320a-7b(b), that makes it illegal for providers to …

Anti-Kickback Statute Read More »

Evaluation

Do I need my HIPAA Security Plan Evaluated? It is important for Covered Entities (CEs) and Business Associates (BAs) to know if their security plans and procedures continue to adequately protect their electronic protected health information (ePHI). To accomplish this, CEs and BAs must implement and monitor your Evaluation Plan. CEs and BAs must periodically …

Evaluation Read More »

HIPAA Workstation Use

Workstation Use In this week’s “Know The Rules!,” I am diving into the second standard of Physical Safeguards of the Health Insurance Portability and Accountability Act (HIPAA) Security Standards: Workstation Use, 45 CFR § 164.310(b). Physical security is an important component of the HIPAA Security Rule that is often overlooked. What constitutes appropriate physical security …

HIPAA Workstation Use Read More »

HIPAA Information Access Management

What is Information Access Management? The fourth standard in the Administrative Safeguards section is Information Access Management. Covered Entities (CEs) and their Business Associates (BAs) are required to: “Implement policies and procedures for authorizing access to electronic protected health information that are consistent with the applicable requirements of subpart E of this part [the Privacy …

HIPAA Information Access Management Read More »