Jul
11
Are your medical records ever really safe?
Filed Under HIPAA, HIPAA (General), HIPAA Compliance, HIPAA Enforcement, HIPAA Law, HIPAA News, HIPAA Privacy, HIPAA Regulation, HIPAA Security, Medical Privacy | 2 Comments
There are so many rules that involve HIPAA. Whether you go to a doctor’s office, a hospital or a medical facility, you are given a HIPAA form that states how your medical records are confidential. Ever since HIPAA was established, I have always wondered how safe my medical records are. Recently, I watched Michael Jackson’s doctor state the disease that he was diagnosed with on national television.
I have read up on HIPAA, and from the information that I have received, HIPAA is supposed to be enforced whether you are alive or deceased. If this is a fact, how can doctors or any medical staff speak about your medical condition without your consent? Obviously, he could not have given his consent, knowing that he is no longer with us. This brings up huge red flags for me.
For someone who has severe medical conditions, I have always wondered: what if I went into a doctor’s office and knew the person behind the front desk or the nurse? And one night, that person is speaking to someone else, and a related medical issue comes up with someone they know. Will that person forget for a second that my medical information is confidential?
For the most part, I believe HIPAA is a good program that does try to keep your records confidential. Still, as we have seen with the Michael Jackson situation, there are kinks that need to be sorted out.
Aug
25
10 HIPAA Books you may want to check out
Filed Under HIPAA, HIPAA (General), HIPAA Compliance, HIPAA Security, HIPAA Technology, HIPAA Training | 1 Comment
From HIPAABook.com:
These are the top 10 essential HIPAA books for IT managers to read. Each of these popular titles was rated most highly useful by the customers at Amazon.
Read article: Top 10 highest-rated HIPAA books for IT Managers
Jul
13
Best of Niner Niner July 06
Filed Under HIPAA, HIPAA (General), HIPAA Compliance, HIPAA Compliant Software, HIPAA Enforcement, HIPAA Jobs, HIPAA Law, HIPAA Lawsuits, HIPAA News, HIPAA Privacy, HIPAA Regulation, HIPAA Security, HIPAA Technology, HIPAA Training, Healthcare Industry News, Medical Privacy, Privacy News, Sarbanes-Oxley | Leave a Comment
Niner Niner, a collaborative weblog network, has over 25 great blogs and this “Best Of” highlights just a few of the posts that were written by some of the Niner authors, in topics that range from High Heels, Ajax, HIPAA Privacy Regulation to gadgets, books and health.
In Ajax Blog, Sreejith introduces us to a few new things. First is Vox, a new blogging service from Six Apart that uses WYSIWYG with a taste of web 2.0. After that we learn about Krun.ch and Wishlistr.
Blogging Naked: Scarification and lip plates are shown to be some of the newest and more popular forms of “self-expression” in recent years.
Bookadoodle: Nancy Callahan posted more in her series “Getting Published” and this latest edition was part 5.
Boomer 2.0 had posts that pointed out that boomers can still have that second career and another that shows many are not even planning retirement anytime soon.
In Class Action Questions find out about lawsuits involving pyramid scams, hair raising beauty product claims and why State Farm was penalized.
Credit Cardenza: Unfortunately, millions of people are drowning in credit card debt, have to worry about credit scams and fraud, and let’s not even talk about the international fees.

Dealsneak managed to sneak more than a few deals past us this summer, including the Samsonite laptop case, a gorgeous leather bench, and a sweet looking Thermaltake Tsunami computer case.
Feed Money discusses the fact that eBay has jumped on the contextual ad bandwagon, as well as blog feeds and a program called RSS To Blog.
If you need to Fix Your Finances one of the first steps is learning how to save your money. After that you can check out Mvelopes to learn all about budgets.
At Games For Money you can find places to play free online gambling games and also learn some card counting tricks and tips.

The High Heels Blogs show us which killer heels are on sale, including boots, sandals, slides and mules. Also take a look at some killer wedding heels for this summer’s nuptials.
A few notable gadgets that were blogged in the HyperGadget blog were the Kurzweil-National Federation of the Blind Reader, and the jumbled and messy looking organizer.
Over at the Medcare Forum, Kathleen Milazzo tells us more about that scary mad cow disease and our medical privacy laws.
Find out just how much house you can afford before you go running off to get that mortgage. And is the housing bubble really ready to blow? All this and more in Mortgage Updates.
At My Secret Side Biz learn how to make a profit, how to get your own powerwash, and simple business and Ebay tips.
On Healthy Living: Sarah White tells us all about a new study that could help with asthma reduction when it comes to doing light exercise that involves steady breathing, like yoga.
On Movies has a decade of super heroes list that includes recent and unreleased movies. Leafworks reviewed The Omen and we got to see the trailer for the new Ghost Rider movie.
Powersellers Blog: Ebay has done it. They finally reached 200 million members and they are also expanding into new ideas. Also people are fed up with Paypal while crooks are finding more ways to defraud your account.

Seo Updates: Yahoo one of the biggest email services was hit with a worm and Google expanded into real estate but won’t be making a browser, at least not anytime soon.

Get some free exercise tips from The Diet Logs. You will certainly need them if you plan to take a bite of this $100 burger.

Living the Single life? Well, take a look at some great break up lines, and if you’re looking to meet people, Leafworks posted a great review of club La Rumba.
Thumb Gods: Nintendo is no, no to the name Wii for their new console a game system that is at the end of this long list containing The Evolution of Video Game Consoles.
Las Vegas Revealed that it was ill prepared for a massive disaster, but til then you can still get married and get comp’d in Vegas.

Wander the World, well the State of Colorado with Leafworks. He takes us to the Cherry Blossom Festival, Gothnic in Denver, Old Colorado City, Plaza del Arte Festival in Downtown Denver and Garden of the Gods.
Apr
14
Updated Brabeion Software Keeps Users Compliant
Filed Under HIPAA (General), HIPAA Compliance, HIPAA Compliant Software, HIPAA News, HIPAA Regulation, HIPAA Security, HIPAA Technology | Leave a Comment
Brabeion Software has updated its product line with new software called Brabeion Compliance Center 6.0. It allows users to keep up with regulatory compliance.
“With the addition of these regulatory modules, Chevron is better positioned to more proactively manage, deploy, and mitigate ongoing compliance efforts for SOX, HIPAA and other global regulatory requirements,” said Jay White, Global Information Protection Architect, Chevron. “Never before have we been able to implement easily and quickly such a comprehensive solution across our widely distributed information assets for compliance with external and internal regulations and security protocols.”
Brabeion Compliance Center is designed to significantly decrease the time and cost of implementing an IT compliance program, while providing unparalleled support for specific government and industry regulations. The solution includes modules for Sarbanes-Oxley (SOX), the Healthcare Information Privacy and Accountability Act (HIPAA), the Federal Information Systems Management Act (FISMA), the Gramm-Leach Bliley Act (GLBA), California SB 1386 and NIST 800-53. Brabeion Software plans to launch additional modules later this year.
Source: Thomas Net
Apr
12
Configuresoft’s Updated Manager Tool
Filed Under HIPAA (General), HIPAA Compliance, HIPAA Compliant Software, HIPAA Regulation, HIPAA Security, HIPAA Technology | Leave a Comment
Configuresoft makes software that helps clients manage their technology and privacy concerns. This software can audit and monitor both your hardware and software, allowing you to spend your time elsewhere. Configuresoft has now updated this already impressive software.
Colorado Springs-based ConfigureSoft has upgraded its Enterprise Configuration Manager (ECM) software. The firm said yesterday that its latest version, 4.8, of its software tool adds a new dashboard capability, better support for operating system platforms, including new 64-bit Windows, and cross-platform toolkits for various compliance regulations. Configuresoft’s software is used for monitoring IT infrastructure for compliance with Sarbanes-Oxley (SOX), HIPAA, and other regulations.
Source: Tech Rockies
Mar
17
April 21: Deadline for Small Health Plans to Comply with HIPAA
Filed Under HIPAA, HIPAA (General), HIPAA Compliance, HIPAA Security | Leave a Comment
The deadline is looming, according to Business & Legal Reports:
The deadline for small [health] plans to comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) security standards is drawing near. The security standards are a corollary to the HIPAA Privacy Rule, which created national standards to protect individuals’ medical records and other personal health information and give to patients more control over their health information.
[...]
HIPAA’s security standards specify a series of administrative, technical, and physical security procedures for covered entities to use to ensure the confidentiality, integrity, and availability of PHI in electronic format. The security standards for all but small plans had to be in place by April 25, 2005. Small plans have until April 21, 2006, to comply. A small health plan is defined as a plan with annual receipts of $5 million or less. (Group health plans with fewer than 50 participants and that are administered by the employer are exempt from the HIPAA privacy, electronic transaction, and security standards.)
The standards require covered entities to implement basic safeguards to protect electronic PHI from unauthorized access, alteration, deletion, and transmission. The various standards may have either required or addressable implementation specifications.
Jan
17
Barbara Clark’s HIPAA Lawsuit & Investigation
Filed Under HIPAA, HIPAA (General), HIPAA Compliance, HIPAA Enforcement, HIPAA Law, HIPAA Lawsuits, HIPAA News, HIPAA Security, Medical Privacy, Privacy News | Leave a Comment
A press release came across the wire recently, put out by Barbara Clark’s people, stating:
Nearly one year ago, Barbara Clark, a former Adventist nurse, filed a complaint with the U.S. Department of Health and Human Services (DHHS) concerning the breach of confidentiality of her medical records under HIPAA; the federal Health Insurance Portability and Accountability Act of 1996.
Whenever money is at stake, it’s always important to look at all the sides. Clearly we’re only getting one side here, but if the allegations are true, the statements are certainly troubling.
This pdf on Clark’s website explains a bit more of the background in the case.
Jan
10
HIPAA Giving You a Headache? Try Conqwest
Filed Under HIPAA (General), HIPAA Compliance, HIPAA News, HIPAA Security | Leave a Comment
If you’re getting a pounding headache trying to comply with the HIPAA Security Rule, head on over to CONQWEST. This company has years of security expertise and will help your company prioritize your compliance work, all the while saving you time, money and risk.
Nov
5
Data Security Problems, and What is Being Done
Filed Under HIPAA (General), HIPAA Security | Leave a Comment
Here are some excerpts from an interesting article about information security. It relates to fulfillment of regulations, like ones given by HIPAA, as well as the shortcomings of companies and organizations in relation to their protection of sensitive data.
It is pretty interesting:
Despite the increased awareness, the recent frequency of security breaches seems to indicate that many companies have not adequately responded to the issue of data security within their organizations. New regulations and statutes are sure to get some attention, but the pressure to mitigate data security risks certainly increases as more fines are handed down and lawsuits are adjudicated.
Today’s society deals with an unprecedented amount of information. “There has been more electronic information, and therefore more digital assets, aggregated during the last two years than in the entire history of mankind before that,” says Kevin Kalinich, co-national managing director of Aon’s technology and professional risks group. Given the sheer amount of information exchanged, it has become increasingly difficult to not only protect it but even to identify what needs protecting.
Regardless of the solutions employed to reduce the risk of data security breaches, a balance of prevention strategies and mitigation efforts is likely the best possible protection. In fact, given how dependent modern business is on electronic data transmissions, it may no longer be an option to develop a data protection strategy.
As the courts and regulators place more emphasis on data security, businesses risk millions of dollars, and in severe cases like that of CardSystems, for instance, possibly the fate of their entire enterprise, by not addressing the issue. “We have to get smart and realize that when we create information, we create liability and when we create liability, we create responsibility,” says Nolan. Consider it just another cost of doing business in the 21st century.
Here’s a link to the entire article on “Top Tech News”
Oct
26
InformationWeek: Feds Need to Push Nationwide Healthcare IT Security
Filed Under HIPAA (General), HIPAA Law, HIPAA News, HIPAA Privacy, HIPAA Regulation, HIPAA Security, HIPAA Technology | Leave a Comment
InformationWeek is reporting:
A federal advisory panel on Tuesday issued a 14-point report of recommendations for what’s needed to develop, implement, and foster the secure nationwide exchange of electronic medical information.
The report was issued by the Commission on System Interoperability, which was created by Congress as part of the Medicare Modernization Act of 2003. The commission was charged with developing recommendations, priorities, and a timeline for implementing an electronic health information exchange network.
A nationwide healthcare system would be a ripe target for hackers. Let’s hope these recommendations are heeded by the Federal gov.
Not only could the suggestions reduce security threats, but also help save lives.
As you know, medical mistakes, such as prescriptions being filled incorrectly, cost thousands (if not hundreds of thousands) of lives yearly.
The article continues:
Government researchers estimate that health IT, like physician order-entry and standards-based electronic medical record systems, can help reduce tens of thousands of medical mistakes and billions of dollars in health-care costs annually in the U.S. There are already a handful of incentive programs underway by some private insurers, as well as a Medicare pilot program, that reward health-care providers who improve their quality-of-patient care using health IT.
May
9
HIPAA Wi-Fi Guidelines
Filed Under HIPAA, HIPAA (General), HIPAA News, HIPAA Security, HIPAA Technology, Medical Privacy | Comments Off
Jeff over at HIPAA Blog has some Wi-Fi and HIPAA Integration guidelines, courtesy of Hospital Compliance Wire:
1. Make sure the wi-fi access for your patients is separate from your clinical information systems. It should operate as if the wi-fi access route was operated by the business next door. Remember, even if your clinical systems aren’t wireless now, they may be in the future, so you definitely want to keep “customer” access separate from “employee” access.
2. Use a static portal as your log-in rules of the road. Have wi-fi access go through that portal page first, and include on it your rules for patient access. Remind patients to respect others in the waiting room and be considerate about what they are accessing (porn, gambling, rap music, you get the idea). When listing terms and conditions, give examples.
3. Make sure your signal isn’t so strong that it allows access to people outside your office. You may find some big bandwidth costs if someone camps onto your wi-fi from your parking lot.
4. Monitor wireless use. The worst thing you could do is install wi-fi and not monitor it, only to find that a patient or visitor has used your wi-fi to hack into your systems. Look for loopholes and trouble spots. Malicious visitors are always looking for weak spots, and technology constantly changes to invent new ways to breach old security measures.
I wouldn’t be surprised if there were many doctors’ offices around the country that have installed Wi-Fi networks but failed to secure them.
Hackers beware though – the fines / penalties for violating medical privacy rights could be much stiffer than your average hack target.
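Guidelines 1 and 4 above can be checked mechanically. The following is an added example, not part of the original post or of the quoted guidelines: it audits a first-match firewall rule list for any path from the patient Wi-Fi network to the clinical network, then flags matching flows in a log. The subnets, rule format and log format are all assumptions constructed for illustration.

```python
import ipaddress

# Assumed addressing plan, constructed for this example.
GUEST_NET = ipaddress.ip_network("192.168.50.0/24")   # patient wi-fi
CLINICAL_NET = ipaddress.ip_network("10.10.0.0/16")   # clinical systems

# Constructed rule sets, evaluated first-match: (action, source, destination).
RULES_WEAK = [
    ("allow", "192.168.50.0/24", "10.10.1.5/32"),  # leftover printer exception
    ("deny", "192.168.50.0/24", "10.10.0.0/16"),
    ("allow", "192.168.50.0/24", "0.0.0.0/0"),
]
RULES_SEGREGATED = [
    ("deny", "192.168.50.0/24", "10.0.0.0/8"),
    ("allow", "192.168.50.0/24", "0.0.0.0/0"),
]

# Constructed flow log: timestamp, source, destination, port, verdict.
FLOW_LOG = """\
2024-01-15T10:02:11 192.168.50.23 203.0.113.10 443 ALLOW
2024-01-15T10:02:40 192.168.50.23 10.10.1.5 445 ALLOW
2024-01-15T10:03:02 192.168.50.77 10.10.4.20 1433 DENY
2024-01-15T10:03:30 10.10.2.9 10.10.1.5 445 ALLOW
"""


def guest_to_clinical_paths(rules, default_action="deny"):
    """Return the rules that let guest traffic reach clinical hosts.

    Conservative: a deny ends the search only if it covers both networks
    entirely, so a partial deny can leave findings that need manual review.
    """
    findings = []
    for index, (action, src, dst) in enumerate(rules):
        src_net = ipaddress.ip_network(src)
        dst_net = ipaddress.ip_network(dst)
        if not (src_net.overlaps(GUEST_NET) and dst_net.overlaps(CLINICAL_NET)):
            continue
        if action == "allow":
            findings.append((index, src, dst))
        elif GUEST_NET.subnet_of(src_net) and CLINICAL_NET.subnet_of(dst_net):
            return findings  # later rules are shadowed for this traffic
    if default_action == "allow":
        findings.append((len(rules), "any", "any"))
    return findings


def flag_guest_flows(log_text):
    """Return guest -> clinical flows; denied attempts are kept as well,
    because they show probing that monitoring should follow up."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines
        ts, src, dst, port, verdict = parts
        try:
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            port_no = int(port)
        except ValueError:
            continue
        if src_ip in GUEST_NET and dst_ip in CLINICAL_NET:
            hits.append((ts, src, dst, port_no, verdict))
    return hits


if __name__ == "__main__":
    print("weak rule set findings:", guest_to_clinical_paths(RULES_WEAK))
    print("segregated rule set findings:", guest_to_clinical_paths(RULES_SEGREGATED))
    for hit in flag_guest_flows(FLOW_LOG):
        print("guest -> clinical flow:", hit)
```

The weak rule set shows the usual failure: a single early exception sits above the deny and quietly bridges the two networks.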
May
2
St. Joseph Hospital Medical Records Stolen?
Filed Under HIPAA (General), HIPAA Compliance, HIPAA Enforcement, HIPAA Law, HIPAA News, HIPAA Privacy, HIPAA Security, Healthcare Industry News, Privacy News | Comments Off
The privacy spot reports:
According to the Houston Chronicle, Christus St. Joseph Hospital sent approximately 16,000 letters to patients informing them that a computer stolen in a burglary earlier this year may have contained some of their medical records and Social Security numbers. According to the hospital letters, the only patient files affected, to their knowledge, are files for patients treated in the “emergency department in 2004, patients who sought outpatient services in radiology, sports medicine and rehabilitation from August through September 2003 and April through June 2004, and patient charts from 2001.”
Apr
26
New Linux HIPAA Software by Ecora
Filed Under HIPAA (General), HIPAA Compliance, HIPAA Compliant Software, HIPAA Enforcement, HIPAA News, HIPAA Privacy, HIPAA Security, HIPAA Technology, HIPAA Training | Comments Off
A Linux news site is reporting:
Ecora has released Enterprise Auditor version 3.6 that includes its new HIPAA Report Pack, a collection of more than 150 pre-built report definitions that address the technical and administrative safeguards of the HIPAA security standard.
“The manual process of preparing for a HIPAA security audit is time consuming, resource intensive, and prohibits sustainability,” said Alex Bakman, founder and CEO of Ecora. “When organizations look at technology for compliance, they need to consider automated solutions such as our Enterprise Auditor that can cost-effectively help them maintain compliance in a repeatable and sustainable manner.”
Apr
26
The Safe ID Act
Filed Under HIPAA (General), HIPAA News, HIPAA Privacy, HIPAA Security | Comments Off
Looks like Senator Clinton and Congressman Markey have introduced federal legislation to prevent offshore outsourcing of personal data:
Senator Hillary Rodham Clinton and Representative Edward J. Markey announced that they would introduce the Safeguarding Americans from Exporting Identification Data (SAFE ID) Act in the United States Senate and House today, legislation that would protect the privacy of consumers’ most sensitive personal information. This legislation would close gaps in U.S. privacy laws that leave consumers vulnerable when American businesses and healthcare organizations send accounting and medical information overseas for processing, often without consumers’ knowledge. As Americans prepare to file their taxes, Senator Clinton and Representative Markey underscored the urgent need to make sure that personal information is safeguarded.
Link: Legislation PDF
Apr
22
HIPAA Deadline Passes with Little Fanfare
Filed Under HIPAA (General), HIPAA Compliance, HIPAA Compliant Software, HIPAA Enforcement, HIPAA Jobs, HIPAA Law, HIPAA News, HIPAA Privacy, HIPAA Regulation, HIPAA Security | Comments Off
Well, the deadline to complete the security requirements of HIPAA passed yesterday with little fanfare.
Internet News has the scoop:
“Considering everything that is involved with compliance, there are a lot of factors as to why some companies may not have completed it,” Earl Crane, a senior consultant with Foundstone Professional Services, said. Foundstone, a subsidiary of McAfee, is a leading HIPAA consultant and security software provider.
Some scary compliance stats:
However, a study from Information Technology Solution Providers Alliance shows that only 30 percent of health plans and 18 percent of health care providers in the SMB market are in compliance with the regulations.
“They’ve got their own fires to put out,” Crane said. “It doesn’t happen out of laziness but rather a crunch for resources,” he said.