The 9 Standards for HIPAA’s Administrative Safeguards

HIPAA’s definition of Administrative Safeguards: “Administrative actions, and policies and procedures, to manage the selection, development, implementation, and maintenance of security measures to protect electronic protected health information and to manage the conduct of the covered entity’s workforce in relation to the protection of that information.” (HHS.gov)

HIPAA Privacy vs. HIPAA Security: What’s the Difference?

If you’ve been searching around about HIPAA compliance, you’ve probably seen the terms “Privacy” and “Security”. They both relate to compliance on the subject of protecting patient information, but here’s the distinction:

HIPAA Compliance, an In-depth Overview

There are four HIPAA rules anyone working with ePHI should know about. They are:

1. HIPAA Privacy Rule
2. HIPAA Security Rule
3. HIPAA Enforcement Rule
4. HIPAA Breach Notification Rule

The HIPAA Privacy Rule

The HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information and applies […]

A close read of the HIPAA Security Rule

HIPAA established the Security Rule to ensure that all covered entities have implemented safeguards to protect the confidentiality, integrity, and access of PHI. There are two types of implementation specifications: “required” and “addressable.” Wherever the Security Rule reads “required,” that specification must be implemented, whereas if it says “addressable,” there is some wiggle room in […]

Snowden Leaks Disclose NSA-Skype Cooperation

In a story that has been developing over the past several weeks, The Guardian disclosed last week that Microsoft has been providing the National Security Agency with access to recorded data collected on Skype, which was purchased by Microsoft for $8.5 billion in 2011. The files provided by Edward Snowden illustrate the scale of cooperation […]

What is a HIPAA Business Associate Agreement, and Why Do I Need One?

If your practice is currently using a medical teleconferencing service (telemed), or if you are considering using one, you should know that the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and the recently finalized (March 2013) Rules promulgated thereunder, consider the provider of such service to be a “business associate.” HIPAA defines a business […]