
HIPAA is the acronym for the Health Insurance Portability and Accountability Act of 1996, the first comprehensive federal protection act guaranteeing the privacy of patients’ private health data. As part of HIPAA, Congress required the development of privacy rules to ensure the confidentiality of protected electronic health records. The challenge of complying with increasingly demanding government rules such as HIPAA was to mandate that healthcare data become portable and accessible “by legislating the use of uniform electronic transactions and other administrative measures.”
Today, finding HIPAA-compliant medical billing software may be critical, but it comes at excessive cost for a small medical office. For large medical providers or medical billers that have already implemented strong security policies and practices, the HIPAA security rules won’t impose extensive change. The most severely affected organizations will be small medical offices and billers with weak security policies and practices, which consequently face an extended and expensive compliance effort.

The HIPAA rules are divided into four sections:
1. Administrative Safeguards
2. Physical Safeguards
3. Security Services
4. Security Mechanisms
This article deals specifically with the software security rules. However, there is no such thing as “HIPAA compliant” software. The responsibility to be compliant rests with the medical practice. Bear in mind that the term “HIPAA compliance” refers to a medical practice’s obligation and not to a software technical specification. An example of a non-software rule is placing workstations in secure locations (not in open or public areas) and orienting workstations to prevent viewing by unauthorized staff.
Two key areas affected by HIPAA are medical billing software and practice management software. The HIPAA Security rules mandate that if protected health information is stored or processed electronically, then the security rule applies to that covered entity.

The key HIPAA-compliant software practices are:

A. Any medical billing software package should provide a complete emergency plan. HIPAA requires all covered entities to maintain and routinely update a plan for responding to system crashes. The software should include robust functions for:
1. Data backup.
2. Data restore.
B. HIPAA requires all medical providers to take a thorough look at how data is created, where it is stored, who can modify it and who can delete it. The software should include functions for:
1. Audit trails. Access to data fields is tracked and recorded.
2. Log files. These files keep track of changes made to the patient data in the program, and such changes can be viewed and printed by opening the audit trail analysis screens.
3. Login reports.
4. Monitoring the security event log of Windows-based computers.
C. Practices for determining and granting access. This means restricting access to patient data to authorized staff only, with:
1. Individual authentication: individual logins and passwords.
2. Role-Based Access Control.
3. Automatic logoff. This feature automatically logs you out after a chosen period of inactivity. It prevents other people from reading your screen if you have left your office with the application running.
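How the audit trail (B) and the access practices (C) listed above fit together in code, as an added example that is not taken from any billing product: each request is tied to an individual login, checked against the user's role and an idle timeout, and recorded whether it succeeds or is refused. The role names, record fields and the 600-second timeout are assumptions made for the example.

```python
import time
from dataclasses import dataclass, field

# Hypothetical roles and record fields, constructed for this example.
ROLE_PERMISSIONS = {
    "clinician":  {("read", "diagnosis"), ("write", "diagnosis"), ("read", "insurance_id")},
    "biller":     {("read", "insurance_id"), ("read", "balance"), ("write", "balance")},
    "front_desk": {("read", "insurance_id")},
}
IDLE_TIMEOUT_SECONDS = 600  # assumed idle period; the practice chooses its own


@dataclass
class Session:
    user: str              # individual login, never a shared account
    role: str
    last_activity: float   # timestamp of the last authorized action
    active: bool = True


@dataclass
class RecordStore:
    records: dict                                   # patient_id -> {field: value}
    audit_trail: list = field(default_factory=list)

    def _log(self, s, action, patient_id, field_name, outcome, now):
        self.audit_trail.append({"time": now, "user": s.user, "role": s.role,
                                 "action": action, "patient": patient_id,
                                 "field": field_name, "outcome": outcome})

    def _check(self, s, action, patient_id, field_name, now):
        """Raise PermissionError unless the session is live and the role allows it."""
        if not s.active or now - s.last_activity > IDLE_TIMEOUT_SECONDS:
            s.active = False                        # automatic logoff
            outcome = "denied:session_expired"
        elif (action, field_name) not in ROLE_PERMISSIONS.get(s.role, set()):
            outcome = "denied:role"
        else:
            s.last_activity = now
            return
        # Refused attempts are recorded too; they are what a reviewer looks for.
        self._log(s, action, patient_id, field_name, outcome, now)
        raise PermissionError(outcome)

    def read(self, s, patient_id, field_name, now=None):
        now = time.time() if now is None else now
        self._check(s, "read", patient_id, field_name, now)
        value = self.records[patient_id][field_name]
        self._log(s, "read", patient_id, field_name, "allowed", now)
        return value

    def write(self, s, patient_id, field_name, value, now=None):
        now = time.time() if now is None else now
        self._check(s, "write", patient_id, field_name, now)
        old = self.records[patient_id].get(field_name)
        self.records[patient_id][field_name] = value
        self._log(s, "write", patient_id, field_name, "allowed", now)
        return old

    def access_report(self, patient_id):
        """Per-user (allowed, refused) counts for one patient's record."""
        report = {}
        for e in self.audit_trail:
            if e["patient"] == patient_id:
                allowed, denied = report.get(e["user"], (0, 0))
                hit = e["outcome"] == "allowed"
                report[e["user"]] = (allowed + hit, denied + (not hit))
        return report
```

`access_report` is the kind of per-patient summary a privacy officer can review to see who touched a record and how often they were refused.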

It is critical to test everything on a trial basis first. Don’t trust vendors that don’t offer trial versions. At Biosoftworld, we offer full trial versions of our medical billing software. After 30 days, the trial copy simply expires. There is absolutely no obligation to buy.

In June 2009, a 22-year-old Honolulu mother of three young children was sentenced to a year in jail for unlawfully accessing another woman’s medical records and posting on a MySpace page that she had HIV.

The State of Hawaii brought charges against the woman under a state statute criminalizing unauthorized access to a computer, which classified the defendant’s conduct as a class B felony.

According to accounts of the events that led to the woman’s conviction, there was a feud between the victim and the victim’s sister-in-law, a friend of the defendant. The defendant, who worked in a patient service position at the clinic where the victim was a patient, accessed the computer on behalf of the victim’s sister-in-law.

Over the course of roughly 10 months, the defendant accessed the patient’s medical records three times via a computer. After she learned of the victim’s medical condition, the defendant posted on her MySpace page that the victim had HIV. In a second posting, she stated the victim was dying of AIDS.

The victim complained to clinic officials about the unauthorized access. After an internal investigation, the clinic terminated the defendant’s employment.

The defendant’s conduct was certainly egregious and inexcusable. The one-year jail term handed down by the Court exceeded the term recommended by the prosecutor. Nonetheless, beyond the issue of holding the defendant responsible for her actions, some may ask to what extent the clinic should bear liability for the breaches of confidentiality that occurred.

Federal law imposes legal obligations on health care providers to protect against the improper use or disclosure of personal health information and to reasonably limit uses and disclosures to the minimum necessary to accomplish their intended purpose.

Specifically, the privacy rules of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) became effective on April 14, 2003. HIPAA is intended to protect consumers’ health information, allow consumers greater access to and control over such information, improve health care, and ultimately create a national framework for health privacy protection. HIPAA covers health plans, health care clearinghouses, and those health care providers that conduct certain financial and administrative transactions electronically.

In addition to the privacy rules, HIPAA’s security rules became effective on April 21, 2005. Together, the privacy and security rules are the only national set of rules that governs the use and disclosure of personal, confidential and sensitive information.

Under HIPAA’s Security Rule, the standards for the protection of electronic information covered by HIPAA are divided into three groups: administrative safeguards, physical safeguards and technical safeguards.

Two of the most important required safeguards under HIPAA are the administrative “Sanction Policy” and “Security Awareness Training” safeguards.

The sanction policy standard requires a communication to all employees regarding the disciplinary action that will be taken by the covered entity for violations of HIPAA. The sanction policy should include a notice of civil or criminal penalties for misuse or misappropriation of health information and make employees aware that violations may result in notification to law enforcement officials and regulatory, accreditation, and licensure organizations.

The security awareness training standard requires all employees, agents, and contractors to participate in information security awareness training programs. Based on job responsibilities, the covered entity should require individuals to attend customized education programs that focus on issues regarding use of health information and responsibilities regarding confidentiality and security.

The HIPAA privacy and security rules require the covered entity to designate a privacy officer and a security officer. The privacy and security officers should continually review and manage risk by thoroughly assessing potential risks and vulnerabilities and implementing related security measures.

The U.S. Department of Justice (“DOJ”) clarified the penalties that may be assessed, and against whom, for HIPAA violations. Covered entities and individuals who “knowingly” obtain or disclose individually identifiable health information in violation of HIPAA may be fined up to $50,000, in addition to imprisonment for up to one year.

Offenses committed under false pretenses allow penalties to be increased: a $100,000 fine, with up to 5 years in prison. Finally, offenses committed with the intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain or malicious harm allow fines of $250,000 and imprisonment for up to a decade.

Given the security breach that led to these tragic events, including the one-year jail term for the defendant, Hawaii employers, health care providers and health plans should review their privacy and HIPAA policies and audit their practices in order to protect against the improper use and disclosure of personal health information and to reduce the risk of privacy breaches in their own organizations.

Roman Amgun, Esq. is a Hawaii attorney specializing in employment law, labor law, and civil litigation. His philosophy is to provide practical solutions to all complex and everyday workplace, employer/employee, and civil disputes. As a Hawaii attorney, Mr. Amgun often appears before federal and state courts in Hawaii, as well as state and federal administrative agencies such as the U.S. EEOC and the Hawaii Civil Rights Commission.

There are so many rules that involve HIPAA. Whether you go to a doctor’s office, a hospital or a medical facility, you are given a HIPAA form that states how your medical records are confidential. Ever since HIPAA was established, I have always wondered how safe my medical records are. Recently, I watched Michael Jackson’s doctor state the disease that he was diagnosed with on national television.

I have read up on HIPAA, and from the information that I have received, HIPAA is supposed to be enforced whether you are alive or deceased. If this is a fact, how can doctors or any medical staff speak about your medical condition without your consent? Obviously, he could not have given his consent, knowing that he is no longer with us. This brings up huge red flags for me.

For someone who has severe medical conditions, I have always wondered: what if I went into a doctor’s office and knew the person behind the front desk or the nurse, and one night that person is speaking to someone else and a related medical issue comes up with someone they know? Will that person forget for a second that my medical information is confidential?

For the most part, I believe HIPAA is a good program that does try to keep your records confidential. Still, as we have seen with the Michael Jackson situation, there are kinks that need to be sorted out.

Niner Niner, a collaborative weblog network, has over 25 great blogs and this “Best Of” highlights just a few of the posts that were written by some of the Niner authors, in topics that range from High Heels, Ajax, HIPAA Privacy Regulation to gadgets, books and health. 

     

In Ajax Blog, Sreejith introduces us to a few new things. First is Vox a new blogging service from Six Apart that uses WYSIWYG with a taste of web 2.0. After that we learn about Krun.ch and Wishlistr.

   

Blogging Naked: Scarification and lip plates are shown to be some of the newest and more popular forms of “self-expression” in recent years.

Bookadoodle: Nancy Callahan posted more in her series “Getting Published” and this latest edition was part 5.

Boomer 2.0 had posts that pointed out that boomers can still have that second career and another that shows many are not even planning retirement anytime soon.

In Class Action Questions find out about lawsuits involving pyramid scams, hair raising beauty product claims and why State Farm was penalized.

Credit Cardenza: Unfortunately, millions of people are drowning in  credit card debt, have to worry about credit scams and fraud, and let’s not even talk about the international fees.

  

Dealsneak managed to sneak more than a few deals past us this summer, including the Samsonite laptop case, a gorgeous leather bench, and a sweet-looking Thermaltake Tsunami computer case.

Feed Money discusses the fact that Ebay has jumped on the contextual ad bandwagon, as well as blog feeds and a program called RSS To Blog.

If you need to Fix Your Finances one of the first steps is learning how to save your money. After that you can check out Mvelopes to learn all about budgets.

At Games For Money you can find places to play free online gambling games and also learn some card counting tricks and tips.

  

The High Heels Blogs show us which killer heels are on sale, including boots, sandals, slides and mules. Also take a look at some killer wedding heels for this summer’s nuptials.

 

A few notable gadgets that were blogged in the HyperGadget blog were the Kurzweil-National Federation of the Blind Reader, and the jumbled and messy looking organizer.

Over at the Medcare Forum, Kathleen Milazzo tells us more about that scary mad cow disease and our medical privacy laws.

Find out just how much house you can afford before you go running off to get that mortgage. And is the housing bubble really ready to blow? All this and more in Mortgage Updates.

At My Secret Side Biz learn how to make a profit, how to get your own powerwash, and simple business and Ebay tips.

On Healthy Living: Sarah White tells us all about a new study that could help with asthma reduction when it comes to doing light exercise that involves steady breathing, like yoga.

On Movies has a decade of super heroes list that includes recent and unreleased movies. Leafworks reviewed The Omen and we got to see the trailer for the new Ghost Rider movie.

Powersellers Blog: Ebay has done it. They finally reached 200 million members and they are also expanding into new ideas. Also people are fed up with Paypal while crooks are finding more ways to defraud your account.

Seo Updates: Yahoo one of the biggest email services was hit with a worm and Google expanded into real estate but won’t be making a browser, at least not anytime soon.

Get some free exercise tips from The Diet Logs. You will certainly need them if you plan to take a bite of this $100 burger.

Living the Single life? Well, take a look at some great break-up lines, and if you’re looking to meet people, Leafworks posted a great review of club La Rumba.

Thumb Gods: Nintendo is no, no to the name Wii for their new console a game system that is at the end of this long list containing The Evolution of Video Game Consoles.

Las Vegas Revealed that it was ill prepared for a massive disaster, but til then you can still get married and get comp’d in Vegas.

 

Wander the World, well the State of Colorado with Leafworks. He takes us to the Cherry Blossom Festival, Gothnic in Denver, Old Colorado City, Plaza del Arte Festival in Downtown Denver and Garden of the Gods.

While some are up in arms about the whole Rush Limbaugh Viagra privacy debacle, I am more interested in all the thefts that have been going on. It seems to be a recurring story week after week.

Only recently the Federal Trade Commission had their own breach, which was due to someone stealing a laptop from an employee’s vehicle. A lot of these problems seem to be happening because employees have laptops and private files with millions of data on hundreds of thousands of people and no one is doing a thing about it.

I really would have thought that companies would take a look at what’s happening and start changing the way information is handled when it comes to employees taking it with them.

I would take a large guess that until some of the information stolen belongs to a celebrity or someone in Congress, not a damn thing is going to be done. If you are one of the people affected I guess they will sing you the tune of too bad, so sad.

In March, the Ohio Supreme Court ruled that Ohio’s open records law overruled the protections for medical records under HIPAA. This decision is “possibly the first regarding a clash between states’ open records laws and HIPAA.”

The court case involved the Cincinnati Enquirer, which wanted the city to “hand over information regarding building owners who’d been cited for lead paint violations.” On March 17th, the Enquirer won: the Ohio Supreme Court “ruled unanimously that the Cincinnati Health Department was in the wrong when it used HIPAA’s privacy protections as an excuse not to provide the Enquirer with information on lead paint violations.”

Because many states have open records laws, this outcome could “prove to be a landmark ruling should similar situations emerge in other locales.”

For more details, check out CIO Magazine.

A press release came across the wire recently, put out by Barbara Clark’s people, stating:

Nearly one year ago, Barbara Clark, a former Adventist nurse, filed a complaint with the U.S. Department of Health and Human Services (DHHS) concerning the breach of confidentiality of her medical records under HIPAA; the federal Health Insurance Portability and Accountability Act of 1996.

Whenever money is at stake, it’s always important to look at all the sides. Clearly we’re only getting one side here, but if the allegations are true, the statements are certainly troubling.

This pdf on Clark’s website explains a bit more of the background in the case.

InformationWeek is reporting:

A federal advisory panel on Tuesday issued a 14-point report of recommendations for what’s needed to develop, implement, and foster the secure nationwide exchange of electronic medical information.

The report was issued by the Commission on System Interoperability, which was created by Congress as part of the Medicare Modernization Act of 2003. The commission was charged with developing recommendations, priorities, and a timeline for implementing an electronic health information exchange network.

A nationwide healthcare system would be a ripe target for hackers. Let’s hope these recommendations are heeded by the Federal gov.

Not only could the suggestions reduce security threats, but also help save lives.

As you know, medical mistakes such as prescriptions being filled incorrectly, cost thousands (if not hundreds of thousands) of lives yearly.

The article continues:

Government researchers estimate that health IT, like physician order-entry and standards-based electronic medical record systems, can help reduce tens of thousands of medical mistakes and billions of dollars in health-care costs annually in the U.S. There are already a handful of incentive programs underway by some private insurers, as well as a Medicare pilot program, that reward health-care providers who improve their quality-of-patient care using health IT.

Read more here

Here’s an interesting twist on the old federal vs. state jurisdictional dispute.

First Amendment Center is reporting:

COLUMBUS, Ohio — A newspaper wants to report on homes, many of them rented, where lead paint has harmed children. The city health department fears federal fines and penalties if it complies with the state’s open-records law.

In what attorneys say is one of the first such tests nationwide, the Ohio Supreme Court must decide if state law trumps the federal rule.

The 2-year-old federal Health Insurance Portability and Accountability Act prohibits health insurers, medical care providers and entities that process medical information from releasing any information that identifies the patient. However, the information can be released by a public agency if a state records law mandates it.

This seems like one of those grey areas of the law where the legislature did not fully understand some of the ramifications of HIPAA legislation.

Read more here

The Ohio Supreme Court is going to rule on whether state disclosure laws overrule the federal HIPAA mandates for protecting patient privacy. This may be one of the first rulings on the HIPAA regulations and should help establish precedent for exactly when state laws should rule instead of federal law.

The newspaper’s attorney, Jack Greiner, argues that the open-records law wins. Guidance by federal attorneys says that when a records law mandates disclosure, rather than just permit it, the state law takes precedence.

Are lead paint violation notices really covered by HIPAA?

“The Health Department was concerned about the potential for civil and criminal penalties for the violation of this somewhat vague and confusing … mandate,” Nestor said.

Both sides in the case, and the Reporters Committee for Freedom of the Press, knew of only two similar cases in Texas and Kentucky. Attorneys general in both states said the public-records law takes precedence, but both those cases dealt with records requests to police agencies, which don’t count as health care entities under the federal rule.

Greiner says the records are essential for the public to know where public health hazards are, and whether the Health Department is acting on them.

A ruling to seal the lead citations could hamper investigative reporting, public-records advocates say.

“This would have a chilling effect in the release of more general information, and that would be a shame because it would deny communities information that would clearly be in the public interest,” said Frank Deaner, lobbyist for the Ohio Newspaper Association.

Read the entire article at firstamendmentcenter.org

The privacy spot reports:

According to the Houston Chronicle, Christus St. Joseph Hospital sent approximately 16,000 letters to patients informing them that a computer stolen in a burglary earlier this year may have contained some of their medical records and Social Security numbers. According to the hospital letters, the only patient files affected, to their knowledge, are files for patients treated in the “emergency department in 2004, patients who sought outpatient services in radiology, sports medicine and rehabilitation from August through September 2003 and April through June 2004, and patient charts from 2001.”

Read more here

Well, the deadline to complete the security requirements of HIPAA passed yesterday with little fanfare.

Internet News has the scoop:

“Considering everything that is involved with compliance, there are a lot of factors as to why some companies may not have completed it,” Earl Crane, a senior consultant with Foundstone Professional Services, said. Foundstone, a subsidiary of McAfee, is a leading HIPAA consultant and security software provider.

Some scary compliance stats:

However, a study from Information Technology Solution Providers Alliance shows that only 30 percent of health plans and 18 percent of health care providers in the SMB market are in compliance with the regulations.

“They’ve got their own fires to put out,” Crane said. “It doesn’t happen out of laziness but rather a crunch for resources,” he said.

Read more here

On April 18, 2005, the Federal Register published the proposed rule regarding enforcement of the HIPAA Administrative Simplification Rule. Comments on the proposed rule will be considered by the Department of Health and Human Services if received no later than June 17, 2005.

To read the proposed rule, click here.

(via privacy spot)

The Houston Chronicle is reporting:

DALLAS — A state district court judge rejected a bid by an alternative weekly newspaper to dismiss a lawsuit filed by a church volunteer who said the paper reported without his permission that he was HIV-positive.

The ruling Wednesday could clear the way for a trial. The judge did not set a trial date.

The plaintiff is seeking $550,000 to $1.1 billion in damages against The Dallas Observer, charging that the newspaper violated a Texas confidentiality law. The law forbids disclosing medical test results without a patient’s written consent, except to government health agencies.

The man, named John Doe in the lawsuit, sued the newspaper; its parent company, Phoenix-based New Times Inc.; J.D. Sparks, a freelancer who wrote the article; and Jean Morris, the former church official who told the newspaper that the man was HIV-positive.

Lawyers for the newspaper said the law was intended to apply to hospitals and insurance companies, not news organizations. They also said that the man had already disclosed his HIV status by letting his picture and name appear on a CD by Positive Voices, an openly HIV-positive chorale group.

Read more here

Jeff over at the other HIPAA Blog points out a medblogger who also notes the San Jose computer theft incident.

The only problem? It’s not a HIPAA violation as they claim. (This according to Jeff Drummond, a guy who certainly knows his stuff.)

Jeff Drummond:

Grand Rounds is up, this time at GruntDoc, an ER doc blogging from the other half of the North Texas Metroplex, affectionately known as Foat Wuth. He links to a medblogger who notes the San Jose medical group’s computer theft incident I blogged recently, and says it’s a HIPAA violation; I disagree, at least with the long-distance diagnosis. The fact that something bad happens doesn’t mean there’s a HIPAA violation. The fact that PHI gets improperly disclosed doesn’t mean that there’s a HIPAA violation. HIPAA doesn’t require that PHI never get out wrongly, it just requires that covered entities take reasonable steps to try to prevent that.

There’s the key: ‘The fact that PHI gets improperly disclosed doesn’t mean that there’s a HIPAA violation.’
