hand on stack of files

2 min read

What is the time limit for PHI requests according to HIPAA?

Picture of Kirsten Peremore Kirsten Peremore: Dec 30, 2024 6:35:54 PM

HIPAA requires healthcare providers to respond to a patient’s request for access to their protected health information (PHI) within a specific timeframe. They have to act on these requests no later than 30 calendar days from the date it is received.

HIPAA Compliance
Read More
judge with law gavel

2 min read

Texas judge blocks Biden administration rule

Picture of Farah Amod Farah Amod: Dec 30, 2024 6:13:31 PM

A Texas judge has blocked a federal privacy rule, citing conflicts with state laws on abortion and gender care.

News
Read More
back of computer server

3 min read

Do hospitals still use onsite data centers?

Picture of Kapua Iao Kapua Iao: Dec 30, 2024 6:06:08 PM

Hospitals still use onsite physical data centers but are largely switching to cloud-based and/or hybrid models. Onsite data centers are housed in a...

Cybersecurity
Read More
back of computer server with cloud icon

3 min read

A list of HIPAA compliant cloud-based data centers

Picture of Kapua Iao Kapua Iao: Dec 30, 2024 5:52:49 PM

Healthcare organizations increasingly utilize cloud-based data centers to handle, house, and organize medical files. Given the information included...

HIPAA Compliance
Read More
red broken security locks

1 min read

Douglas County, WI Department of Health faces insider threat

Picture of Abby Grifno Abby Grifno: Dec 30, 2024 5:39:53 PM

The Wisconsin department discovered a former employee accessed patient data for months.

Breaches
Read More
3d printer

2 min read

How 3D printing is changing healthcare and challenging HIPAA

Caitlin Anthoney: Dec 30, 2024 5:15:33 PM

Innovative manufacturing techniques, like 3D printing, are changing clinical practice. It allows clinicians to create physical objects from patient...

Editorial
Read More
Image of shield for blog about Can you sell PHI?

1 min read

Can you sell PHI?

Picture of Tshedimoso Makhene Tshedimoso Makhene: Dec 30, 2024 4:31:22 PM

Selling protected health information (PHI) is a sensitive topic that has legal, ethical, and practical concerns. Under the Health Insurance...

HIPAA Compliance
Read More
Image of casket for blog about Do the HIPAA Privacy Rule protections apply to the health information of deceased individuals?

2 min read

Do the HIPAA Privacy Rule protections apply to deceased individuals?

Picture of Liyanda Tembani Liyanda Tembani: Dec 30, 2024 11:50:38 AM

Yes, the HIPAA Privacy Rule protects the health information of deceased individuals for 50 years following their death. During this time, their...

HIPAA Compliance
Read More
Image of unidentified individuals for blog about For unidentified individuals,  the Health Insurance Portability and Accountability Act (HIPAA) guarantees the protection of their privacy even as healthcare providers and law enforcement collaborate to determine their identity.  By limiting disclosures to the minimum necessary and requiring proper documentation, HIPAA upholds its mission of safeguarding personal health information, even in complex situations. Unidentified individuals in healthcare settings When healthcare providers encounter unidentified individuals, such as unconscious patients or those unable to confirm their identity, HIPAA still applies to any PHI collected during their care. Providers must handle this information with the same level of confidentiality as they would for identified patients. See also: HIPAA Compliant Email: The Definitive Guide HIPAA and unidentified individuals in legal contexts Providers may encounter situations where law enforcement seeks information about unidentified individuals. The New York State Division of Criminal Justice Services outlines strict conditions under which this information may be shared: Court order, warrant, subpoena, or administrative process: a Provider may disclose information in response to a court order, warrant, subpoena or other administrative process if certain conditions are satisfied. (45 CFR § 164.512(f)(1)(ii)); Identify person: if law enforcement requests information to help identify or locate a suspect, fugitive, material witness or missing person, a Provider may disclose the following limited information: (a) name and address, (b) date and place of birth, (c) social security number, (d) ABO blood type and rh factor, (e) type of injury, (f) date and time of treatment, (g) date and time of death, and (h) a description of distinguishing physical characteristics. Other information related to the individual's DNA, dental records, body fluid or tissue typing, samples, or analysis cannot be disclosed under this provision, but may be disclosed in response to a court order, warrant, or written administrative request. (45 CFR § 164.512(f)(2)). The disclosure must be in response to a request from law enforcement, which may include a response to a

2 min read

How HIPAA protects privacy while addressing unidentified individuals

Picture of Tshedimoso Makhene Tshedimoso Makhene: Dec 30, 2024 11:24:43 AM

For unidentified individuals, the Health Insurance Portability and Accountability Act (HIPAA) guarantees the protection of their privacy even as...

Editorial
Read More
Image of form for blog about What is a release of information (ROI) form?

2 min read

What is a release of information (ROI) form?

Picture of Tshedimoso Makhene Tshedimoso Makhene: Dec 30, 2024 10:53:02 AM

A Release of Information (ROI) form is a legal document used to obtain a person's consent to disclose their personal information, typically in...

HIPAA Compliance
Read More
Image of nurse and patient for blog about HHS OIG issues compliance guidance to enhance standards in nursing facilities

2 min read

HHS OIG issues guidance to enhance standards in nursing facilities

Picture of Tshedimoso Makhene Tshedimoso Makhene: Dec 30, 2024 10:44:30 AM

The U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) has released the Nursing Facility Industry Segment-Specific...

Regulatory updates
Read More
Image of shield for blog about Cybersecurity management lessons from healthcare data breaches

3 min read

Cybersecurity management lessons from healthcare data breaches

Picture of Farah Amod Farah Amod: Dec 30, 2024 10:17:18 AM

Cybercriminals have set their sights on the healthcare sector, and recent breaches have shown just how vulnerable this industry has become. With...

Cybersecurity
Read More
cord into back of computer red

3 min read

Lateral movement explained: How hackers navigate networks undetected

Lusanda Molefe: Dec 30, 2024 12:00:00 AM

Lateral movement is a tactic in cyberattacks that allows hackers to navigate through a network undetected after gaining initial access. This stealthy...

Cybersecurity
Read More
Prev 108 109 110 111 112 Next