Legal and practical healthcare information.
By Keith C. Dennen Under HIPAA, physicians are permitted to disclose “protected health information” to their attorneys for purposes of their own healthcare operations. This allows physicians sued by patients for malpractice to provide their attorneys with the information needed to prepare and present a defense. Ordinarily, subpoenas or orders are a part of a …
Continue reading “Ex Parte Communications between Treating Physician and Attorneys”
By Jared A. Smith In today’s healthcare industry, information technology (“IT”) systems play an ever-expanding role in the success of a medical practice. Medical practitioners consistently juggle e-billing and electronic medical records software risk, HIPAA compliance issues, data security and data privacy requirements and meaningful use thresholds, all of which are typically addressed in IT …
Continue reading “HIPAA Violation Results in $4.8 Million Settlement: An IT Perspective”
By Scott Roberts Since the passage of the 2013 HIPAA Omnibus Rule, there has been a substantial increase in HIPAA enforcement actions brought by the Department of Health and Human Services, including an increase in so-called “high-impact cases” where settlements can reach into the millions of dollars. In addition, while HIPAA does not provide for …
By Billee Lightvoet Ward Although the HIPAA Omnibus Rule (the “Rule”) went into effect nearly 18 months ago, the transition period for bringing business associate agreements into compliance with the Rule’s new requirements will end on September 23, 2014. Business associates were directly regulated and responsible for complying with the Rule as of September 23, …
By Billee WardIn April of this year, the FBI issued a Private Industry Notification (PIN) to the health care industry warning of the “likely increase [in] cyber intrusions against health care systems.” In the same month, and into June of this year, a group of hackers originating from China were launching a cyber-attack on the …
Continue reading “FBI Warning to Health Care Sector Holds True”
By Rose Willis and Jared Smith If you use Windows XP on April 8, you will be easily susceptible to cyber-attacks and violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Windows XP support is ending on April 8, 2014, when support and security updates will no longer be available. This means …
Continue reading “Windows XP Use May Violate HIPAA Starting April 8, 2014”
By Rose J. Willis The U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) recently issued its 2014 Work Plan outlining its intended review activities of HHS Programs for 2014. This article summarizes certain portions of the 2014 Work Plan that are of considerable importance to physician practices. Security of Protected …
Continue reading “The 2014 OIG Work Plan: Select Provisions Applicable to Physician Practices”
By Rodney D. Butler On February 3, 2014, the Centers for Medicare and Medicaid Services (CMS) released a final rule that permits patients or their representatives to have direct access to the results of their lab tests. This rule change is significant because under the prior rule, labs could only release test results directly to …
Continue reading “CMS Issues Final Rule on Direct Access of Lab Test Results by Patients”
By Rose Willis On December 26, 2013, Adult & Pediatric Dermatology, a dermatology practice located in Massachusetts, agreed to pay a $150,000 fine after it lost an unencrypted thumb drive containing over 2,000 patients’ health records, and for its failure to institute HITECH’s breach notification requirements in response to the loss. According to the notice …
Continue reading “Providers: Prepare Your Breach Notification Policy!”
By Scott Roberts Under the HIPAA Privacy Rule, a Covered Entity is required to revise its notice of privacy practices (“NPP”) where there is a material change to any of its privacy policies. The HIPAA/HITECH Omnibus Final Rule (the “Omnibus Rule”) issued earlier this year requires a number of changes to privacy policies that will …
Continue reading “HHS Delays NPP Amendment Requirement for Laboratories Regulated Under CLIA”