Tag Archive: HIPAA

HIPAA and Social Media: What You Need to Know

Written by
Published 12/17/2019

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was signed into law before the rollout of major social media sites such as Facebook, Twitter, and Instagram. And as such, there are no specific HIPAA rules for social media.  However, some HIPAA laws and standards apply to the use of social media by health care organizations and their workers. Because of that, each health care organization must implement a HIPAA social media policy to decrease the risk of HIPAA violations. The HIPAA Privacy Rule forbids the use of protected health information on social media networks. Protected health information includes text, videos, and images about specific patients that can enable others to identify them. Health care providers can only use…

Tags: , ,
Categorized in:

California Confidentiality of Medical Information Act vs. HIPAA

Written by
Published 11/20/2019

Patient health information is governed by robust rules that determine how this data is handled, stored, and accessed. Federal laws, such as the Health Insurance Portability and Accountability Act (HIPAA) and various state laws strengthen patient rights. HIPAA set a baseline for regulatory compliance with patient health information. Under the “preemption” language in the rule, no state may create less effective or weaker medical privacy protection for individuals.  However, states can exceed HIPAA regulations and institute more stringent requirements. One example of this is the California Confidentiality of Medical Information Act (CMIA), which has greater standards of protection of privacy than HIPAA.  Typically, in conflicts between federal and state rules, the federal rule is the governing requirement. But there is…

A HIPAA Physical Safeguards Risk Assessment Checklist

Written by
Published 05/17/2018

The HIPAA Physical Safeguards risk review focuses on storing electronic Protected Health Information (ePHI). While the Security Rule focuses on security requirements and the technical safeguards focus on the technology, the physical safeguards focus on facilities and hardware protection. Healthcare providers, covered entities, and business associates must undergo audits to prove regulatory compliance so that they can assure new customers of their security posture. Beginning the road to HIPAA compliance requires assessing security risk and mitigation controls. A HIPAA Physical Safeguards Risk Assessment Checklist What is HIPAA? HIPAA was enacted in 1996 to protect information as people moved from one job to another. The US Department of Health and Human Services (HHS) additionally passed the Privacy Rule in 2003, defining Protected Health Information (PHI) as “any information held by…

Categorized in: