Tag Archive: HIPAA

HIPAA and Social Media: What You Need to Know

Published 12/17/2019

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was signed into law before the rollout of major social media sites such as Facebook, Twitter, and Instagram. As such, there are no specific HIPAA rules for social media. However, some HIPAA laws and standards apply to the use of social media by health care organizations and their workers. Because of that, each health care organization must implement a HIPAA social media policy to decrease the risk of HIPAA violations. The HIPAA Privacy Rule forbids the use of protected health information on social media networks. Protected health information includes text, videos, and images about specific patients that can enable others to identify them. Health care providers can only use…

California Confidentiality of Medical Information Act vs. HIPAA

Published 11/20/2019

Patient health information is governed by robust rules that determine how this data is handled, stored, and accessed. Federal laws, such as the Health Insurance Portability and Accountability Act (HIPAA), and various state laws strengthen patient rights. HIPAA set a baseline for regulatory compliance with patient health information. Under the “preemption” language in the rule, no state may create less effective or weaker medical privacy protection for individuals. However, states can exceed HIPAA regulations and institute more stringent requirements. One example of this is the California Confidentiality of Medical Information Act (CMIA), which sets higher standards of privacy protection than HIPAA. Typically, in conflicts between federal and state rules, the federal rule is the governing requirement. But there is…

Why Healthcare Hacking is Profitable and How You Can Prevent it

Published 02/18/2016

This post was originally published on Medical Practice Insider. Not long ago, hackers focused on stealing financial data. The digitization of financial transactions brought heavy regulation and security to protect those transactions, but thieves still found ways to steal things like credit card numbers to sell on the dark web. Now, online criminals have turned their attention to more valuable digital data: your electronic healthcare records. Why? Because, while there will always be a market for stolen financial information, the information sells cheaply. If you find out a hacker stole your credit card number, you call your bank and cancel the card. If someone steals it and tries to make large or strange purchases across the country, your bank shuts the…

Top 3 Challenges When Updating Your Compliance Framework

Published 10/07/2015

Well, it’s happened again. The framework you worked so hard to implement across your company needs updating. This typically occurs every 4-6 years to provide organizations with enough time to prepare. For example, Sarbanes-Oxley, GLBA/FFIC, FISMA, and HIPAA are frameworks associated with traditional computing. Traditional frameworks like these took a long time to update. Yet, in the last several years, frameworks covering new technology change every 2-3 years. Standards that cover cloud, mobile, encryption, and vendor management fit this new model. Thus, you will need to prepare to update your framework on an annual basis to keep up with all the changes. Each change to your existing compliance framework will pose a challenge. First, you should understand the impact the…

August Standards Updates: FedRAMP Seeks Help, HIPAA Concerns, ISO “Landmark” and NIST Developments

Published 09/02/2015

FedRAMP Needs Feds to Help Refine High Impact Baseline

The standards set forth by the High Impact Baseline will allow commercial cloud service providers to host sensitive information in their systems. Considering the potential that this Baseline has to shape the FedRAMP program going forward, officials are working hard to ensure that they get the standard right. After receiving public comments on their draft of the High Impact Baseline, FedRAMP is looking for help from federal employees to revise the standards set forth. FedRAMP plans to create “The Tiger Team,” which will consist of federal IT managers who can facilitate and oversee the revision process and prepare a final draft of the Baseline, which is scheduled to be finished prior…
