After paper medical records are scanned into our system we shred the paper. For ex., patient fills out paperwork on initial visit and afterwards that is scanned into our system. Do we need to maintain a log of this as we would if destroying the medical record? Every piece of paper with any patient info...
Answer Question | April 7, 2016 7:32 pm
When is insurance online UI restricted by HIPAA? Trying to determine what is and what is not allowed to be posted to a healthcare insurance online account. The subscriber wants to see all family members claims in one account.
Answer Question | September 4, 2013 4:19 pm
Healthcare IT seems to becoming a very specialized field of IT study. What is being done to train and develop the healthcare IT worker so they are prepared to address the tools – specialized and IT system linked tools, mobility devices, and the governance/risk/compliance aspects – particularly with HIPAA and other privacy issues?
Answer Question | May 7, 2016 6:42 pm
Analytics, HIPAA, Mobility, workforce development
How prepared are organizations to handle the changes in HIPAA and HITECH that now require all Business Associates to understand how their own subsequent Business Associates are handling ePHI?
Answer Question | June 17, 2016 4:03 pm
I have wondered for some time about the insurance companies accessing Data exchanges. My Question is what stopping them from reviewing a Pts. medical history prior to underwriting the Pt and denying them because of what is discovered. I know that there is a HIPAA monitoring tool but with the volume of access the reviews...
Answer Question | June 29, 2016 9:08 pm
How do you know if Business Associates is indeed HIPAA compliant, as the prime liability is on the medical practice (covered entity)?
Answer Question | February 15, 2012 8:25 pm
Business associates, Covered entities, HIPAA
Does, or how does, your in-facility EHR share data with other outside-facility EHRs to create a patient-centric longitudinal health record? If this isn’t the case, does the EHR, in essence, perform the functionality of an EMR? If so, how do you handle data governance and privacy/security with data being viewed outside of the facility? Thanks!
Answer Question | January 11, 2012 5:24 pm
Data exchange, ehr, EMR, PHI
Has anyone had experience with getting consent from patients to share EHI/PHI across entities. Are you looking at consenting patients electronically?
Answer Question | December 15, 2011 8:11 pm
Data exchange, EHI, HIPAA, PHI, Protected health information
Where in the HIPAA rule or updates does it say that covered entities must keep data backups a minimum of five miles away from the original site? Or, does it not say this? I’ve heard this in conversation and am looking for a confirmation from any HIPAA experts.
Answer Question | January 10, 2013 2:34 pm
Data backup, Data Warehouse, ehr, HIPAA
What will prevent hackers once everyone’s health information is in a central location???
Answer Question | November 3, 2011 12:08 pm
With federal legistration trying to push towards making electronic health records immediately available to emergency personnel and medical professionals as needed, but also wanting to be able to view a report of anyone who has ever viewed an individual’s record at any given point and what may have been done with that data, what software vendors...
Answer Question | August 24, 2011 9:11 pm
It is so very hard to go through the mountains of paperwork for Medicare and the upcoming meaningful use with all it’s complex parts, and also have to worry about HIPAA and how to meet all our security needs with emr sharing across networks and so forth. What is the best way to approach this?
Answer Question | August 25, 2011 8:14 pm
ARRA, HIPAA, Meaningful use, Medicare
So how are people currently addressing HIPAA compliance on mobile devices (smartphones and tablets). And are you using a single solution or multiple solutions for different device OS – Blackberry, iOS, Android, WebOS, ChromeOS, Symbian, Windows Phone 7, etc. Are you using native applications or web applications for patient information?
Answer Question | June 27, 2011 5:59 pm
Compliance, HIPAA, smartphones, tablets
To safeguard healthcare data within databases, is it necessary to encrypt the data itself within the database, or encrypt the physical discs on which the data resides or use any other security feature?
Answer Question | June 3, 2011 5:46 pm
Data encryption, data security
With so much concern regarding storeage of data and the use of the cloud/virtual technology for storage, how do we secure the data? What type of encryption will allow sharing the healthcare data with different healthcare facilities across the U.S. and still protect the data from breech, hacking?
Answer Question | November 3, 2011 9:06 pm
Cloud, EHR security, Storage and PACS, virtual environment
It seems to me that the FDA is still a little apprehensive when it comes to getting involved in setting standards for medical device security – even though IT security issues in this space can directly impact patient safety. What are industry leaders and manufacturers doing to work together on this important issue of medical...
Answer Question | July 11, 2011 7:31 pm
FDA, HIPAA, medical devices, Modality, security
How are other IT organizations handling the support question around the demand(by staff) for the use of consumer-based electronic(mobile) devices?
Answer Question | May 26, 2011 12:51 pm
authentication, consumer electronics, device management, enterprise, IT support, Mobile devices and telehealth, security, smartphones, tablets
With some of concerns over privacy around the location tracking in the iPhone, should there be more concerns about security?
Answer Question | May 9, 2011 2:27 am
With the emphasis on EHR meaningful use attestation, we’ve see a great opportunity for healthcare organizations to institutionalize their security processes? Agree? Here’s our take: http://wp.me/pymfm-D2
Answer Question | November 3, 2011 9:44 pm
Health IT security, HIPAA risk analysis, HIPAA Security Rule, HITECH, Meaningful use
Many of the apps available in the app store and Market place for the android have access to the phone directory, email identify and few other private items. Does this mean that if you have a smartphone then you will most likely be the “victim” of targeted marketing AKA MORE SPAM. Or is your privacy...
Answer Question | January 13, 2011 4:33 am