HIPAA and Vendor Management: Bloody Fingerprint Problem

Written by - September 7, 2017
hipaa and vendor managment

Just when you figured out how to negotiate the “business entity” definition, Congress hit you with the Omnibus rule. HIPAA and vendor management suddenly became “a thing.” Managing patient health information (PHI) feels like gathering evidence from a crime scene.   Anyone who remembers the O.J. Simpson trial remembers the infamous bloody fingerprint. The sample of O.J. Simpson’s blood went missing during the police investigation. Only 6 ml of the 8 ml of the blood drawn from Simpson was accounted for, causing people to suspect evidence was planted. While HIPAA may not be as exciting as a high speed car chase, tracking your chain of evidence—or in compliance speak, chain of trust—matters. What is PHI?   PHI incorporates multiple types…