HIPAA

Under HIPAA, you are responsible to protect Protected Health Information (PHI). But what exactly is PHI?

Multi-Factor Authentication (MFA) is a security measure that can be enabled. What does MFA do and how does it help your office maintain HIPAA compliance?

When discussing text messaging, the best practice is to NOT text patients. However, texting can be a useful tool and there are steps your office can take to mitigate the risks associated with texting patients.

When a breach occurs, offices are required to notify the patients whose information may have been compromised in the breach. This is known as the Breach Notification Rule.

Under the HITECH Act, passed in 2009, the secretary is required to post all breaches affecting 500 or more patients to the internet. This applies to all medical providers and Business Associates. This web site is commonly referred to as the HIPAA Wall of Shame. You can find it at https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf

Telehealth waivers during the COVID-19 public health emergency are expiring.

Emailing patient information can be HIPAA compliant. However there are risks that you should be cognizant of and steps to take to minimize the chance of a HIPAA violation.

Understand the implications working from home or remote access has on maintaining HIPAA compliance in the office.

HIPAA prohibits the sharing of patient information except in certain cases. You are allowed to share information for law enforcement purposes.

Many cybersecurity events and breaches are the result of us failing to keep our computers and computer programs up to date. The process of keeping our systems up to date is known as PATCHING.