You've Been Invited to the HIPAA Party Too!

Episode 69: Know The Rules! Business Associates Were Invited to the HIPAA Party!

Did You Know? Business Associates (BAs) were invited to the HIPAA party in February 2013, when the Final Omnibus Rule was introduced and finalized in September 2013. Even after two decades, HIPAA compliance still remains a challenge for many Covered Entities (CEs) and their BAs alike. From Then Until Now … As reported by HIPAA […]

Am I A Healthcare Business Associate?

Episode 68: Know The Rules! Am I A Healthcare Business Associate?

How Do I Know – Am I A Healthcare Business Associate? These days’ doctors and dentists, known as Covered Entities (CE), outsource their business activities to service providers. Health & Human Services (HHS) defines a “Business Associate” (BA) is a person or entity that performs certain functions or activities that involve the use or disclosure […]

Episode 67: Know The Rules! Security Incident

What if your Business Associates Had A Security Incident? Covered Entities (CEs) believe it’s impossible to determine whether the policies and procedures of their Business Associates (BAs) are adequate to respond effectively to a security incident. To complicate matters, more believe their Business Associates would NOT notify them in the event of a security incident. […]

Ex-Spouse and HIPAA Collide

Episode 65: Know The Rules! Case Study – Ex-Spouse and HIPAA Collide

Did You Know? A box containing 5 years of protected health information (PHI) had been returned to Hanger Clinic in Florida by a former employee’s ex-spouse. This is not the first time a former and HIPAA collide. Hanger Breach Details On September 17, 2018, a box of patient insurance documents from 2009 – 2014 were […]

2018 Business Associate Healthcare Data Breaches

Episode 64: Know The Rules! 2018 Business Associate Healthcare Data Breaches

Business Associate Healthcare Data Breaches In “Episode 63: Know The Rules!”, I reported what I thought were all of the healthcare data breaches reported on the Health & Human Services (HHS) Office of Civil Rights (OCR) Breach Portal website by Business Associates (BAs) in 2018. This is what I reported last week: The year 2018 […]

2018 Business Associate Healthcare Data Breaches

Episode 63: Know The Rules! 2018 Business Associate Healthcare Data Breaches

Healthcare Data Breaches In this week’s “Know The Rules!,” I am reviewing healthcare data breaches reported on the Health & Human Services (HHS) Office of Civil Rights (OCR) Breach Portal website by Business Associates in 2018. Covered Entities (CEs) are not alone when it comes to experiencing a healthcare data breach. Did You Know? Business […]

Device and Media Controls - Part 2

Episode 62: Know The Rules! Device and Media Controls – Part 2

Device and Media Controls – Part 2 In this week’s “Know The Rules!,” I am talking about the last two HIPAA Device and Media Controls security standard, 45 CFR §164.310(d)(1). The Device and Media Controls standard requires Covered Entities (CEs) and their Business Associates (BAs) to: Implement policies and procedures that govern the receipt and […]

Device and Media Controls - Part 1

Episode 61: Know The Rules! Device and Media Controls – Part 1

Device and Media Controls In this week’s “Know The Rules!,” I am talking about the first two elements of the HIPAA Device and Media Controls security standard, 45 CFR §164.310(d)(1). The Device and Media Controls standard requires Covered Entities (CEs) and their Business Associates (BAs) to: Implement policies and procedures that govern the receipt and […]

Minimum Necessary

Episode 60: Know The Rules! Minimum Necessary

HIPAA Privacy Rule Minimum Necessary In this week’s “Know The Rules!,” I am discussing the Privacy Rule minimum necessary standard, [45 CFR 164.502(b), 164.514(d)]. Minimum necessary applies: When using or disclosing protected health information (PHI) or when requesting PHI from another Covered Entity (CE) or Business Associate (BA), a CE or BA must make reasonable […]