What Do Healthcare Third-Party Vendors Do? Healthcare providers and dentists, referred to by the Department of Health and Human Services as Covered Entities (CEs), and their third-party vendors, referred to as Business Associates (BAs) are required to comply with the HIPAA Privacy, Security, and Breach Notification Rules. Third-party vendors may be an individual or an …
When a security incident happens and when they do, effective response planning can be a major factor of how significant an organization suffers operational or reputational harm or legal liability. Being able to respond to incidents in a systematic way ensures appropriate response steps are taken each time to help minimize the impact of breaches. …
What’s a Security Incident? When is it a Breach? Read More »
What if your Business Associates Had A Security Incident? Covered Entities (CEs) believe its impossible to determine whether the policies and procedures of their Business Associates (BAs) are adequate to respond effectively to a security incident. To complicate matters a large more believes their Business Associates would NOT notify them in the event of a …
Did You Know? The HIPAA Security Rule requires Covered Entities (CEs) and Business Associates (BAs) to “implement a security awareness and training program for ALL members of its workforce (including management)” 45 C.F.R. § 164.308(a)(5)(i). Note: the emphasis on ALL members of the workforce, because ALL workforce members can either be guardians of the entity’s …
Healthcare Third-Party Vendors – HIPAA Security Rule Applies To YOU Too! Read More »
Mobile Health Application So you want to download the next latest, greatest mobile health application but before you do there are a few things you should know. Here are some safety tips to practice when you download your first or next mobile health application: 1. Research mobile health application (software programs that perform one or …
Notice of Privacy Practices Today, I visited my local dentist office for a new patient consultation and to interview them before selecting them as my Covered Entity (CE). After examining the waiting room and completing the necessary paperwork, I was called into the treatment room. During my appointment I met several different staff members, including …
Does Your Doctor Keep Your Protected Health Information Secure? Read More »
What is Protected Health Information? The simple answer is any information that can be used to identify you from your Protected Health Information (PHI). PHI consists of 18 unique identifiers and must be removed in order to meet the “Safe Harbor Method” standard for de-identification. PHI as defined by U.S. Department of Health and Human Services as the …