HIPAA Advice Articles

The Health Insurance Portability and Accountability Act of 1996 sets out to ensure the security and privacy [...]

Despite many healthcare organizations’ best efforts, HIPAA violations do occur. These can be made through [...]

In businesses subject to the Health Insurance Portability and Accountability Act (HIPAA), individually [...]

The Health Insurance Portability and Accountability Act was introduced in 1996, and since then has seen many [...]

All healthcare workers should be aware of HIPAA, and be provided with regular training in HIPAA compliance. [...]

One of the primary purposes of the Health Insurance Portability and Accountability Act of 1996 is to protect [...]

The Standards for Privacy of Individually Identifiable Health Information (the “HIPAA Privacy Rule”) were [...]

We may know what HIPAA stands for and what the Act generally does, but what does HIPAA Protect? What kinds of [...]

HIPAA is composed of several different “HIPAA Rules”, each governing a different aspect of patient [...]

Given how serious they are, how can you avoid HIPAA violations? Is there any sure-fire method of preventing [...]

All patients have the right to complain to a Covered Entity or Business Associate if they have concerns over [...]

If a HIPAA violation has been discovered, it is not only essential that it is reported in a timely manner [...]

Password managers are effective tools to support HIPAA compliance subject to them having the capabilities to [...]

Anyone who is unsure about the scale of the threat from phishing should read the web descriptions of data [...]

The Health Insurance Portability and Accountability Act was enacted by Congress in 1996, making it a Federal [...]

HIPAA violations are a serious matter and should be avoided at all costs. However, it is important to know [...]

There are various answers to the question what does HIPAA protect depending on the perspective from which you [...]

  In general, dentists are considered “Covered Entities” under HIPAA, so they must meet all of the [...]

Though HIPAA was established to protect health data, it is not protected in every situation. Only some [...]

Pharmacies and HIPAA compliance can have a difficult relationship due to the other state and federal laws [...]

The rules of dental HIPAA compliance are no different from the rules governing other HIPAA Covered Entities [...]

  The Health Information Technology for Economic and Clinical Health Act (HITECH Act) came into effect [...]

Despite the best efforts of many Covered Entities, there appears to be an upward trend in violations of HIPAA [...]

It may surprise some people to learn that, in the entire text of HIPAA pictures and videos are only mentioned [...]

The terms “violation” and “breach” are sometimes conflated in HIPAA-related discussions, and it is [...]

Many sources of HIPAA business associate examples tend to repeat the examples of HIPAA business associates [...]

  Hopefully, many patients will have at least heard of HIPAA and know of its role in protecting them and [...]

The HIPAA Security Rule requires HIPAA-regulated entities to conduct a security risk assessment to identify [...]

Despite the Privacy Rule requiring healthcare organizations and health plans to provide information about how [...]

  Even if healthcare organizations are aware of their responsibilities under the Health Insurance [...]

The penalties for non-compliance with HIPAA vary considerably according to the nature of the non-compliant [...]

Many patients will be aware of HIPAA, and know that it guarantees some protections for their privacy, but [...]

The HITECH Act (or Health Information Technology for Economic and Clinical Health Act) was passed in 2009 as [...]

The requirement for HIPAA training in a dental office is the same as the requirement for any other Covered [...]

What happens if HIPAA is violated? What are the possible consequences for covered entities and their [...]

The answer to the question who does HIPAA apply to is not always as straightforward as it is presented to be. [...]

Who can violate HIPAA? Can anyone violate HIPAA? To answer this, it is essential to first know who HIPAA [...]

The HIPAA identifiers are sometimes confused with definitions of Protected Health Information, so it is [...]

Hopefully, everyone working in the healthcare industry will know about HIPAA, but given the Act’s [...]

Can workplace gossip ever be a HIPAA violation? Clearly, this will depend on a number of factors – who [...]

HIPAA compliance software is a SaaS compliance framework that assists Covered Entities and Business [...]

Human error makes mistakes hard to avoid, but can you get fired for an accidental HIPAA violation? [...]

It may have been around for a long time now, but is HIPAA still in effect? In short, yes, HIPAA  is still in [...]

When should you promote HIPAA awareness? Shouldn’t employees always be aware of their obligations under [...]

Many people will be acquainted with HIPAA, but why is it important? Since it was introduced in 1996, HIPAA [...]

In the Code of Federal Regulations, 45 CFR § 164.530 relates to the administrative requirements of the HIPAA [...]

45 CFR § 164.308 is the section of the Code of Federal Regulations that contains the Administrative [...]

The HHS’ Office for Civil Rights has recently reminded HIPAA-covered entities and their business associates [...]

In the United States, mask mandates are starting to be lifted and people who have been fully vaccinated [...]

In 2011, House Bill 300 (HB 300) introduced significant changes to the Texas Health and Safety Code including [...]

Every HIPAA-covered entity is required to implement policies and procedures to ensure compliance with the [...]

The HIPAA Enforcement Rule gave the HHS’ Office for Civil Rights the authority to penalize healthcare [...]

How Often Do You Need HIPAA Training? Considering the importance of HIPAA compliance and the potential [...]

The Health Insurance Portability and Accountability Act of 1996 or HIPAA was signed into law by Pres. Bill [...]

Although it is illegal for a Covered Entity to intimidate, threaten, coerce, discriminate, or retaliate [...]

Digital signatures have been shown to increase the efficiency of many administrative processes in the [...]

The HIPAA “Minimum Necessary” standard is an important provision of HIPAA and one that all employees of [...]

The Health Insurance Portability and Accountability Act of 1996 – or HIPAA for short – is a vital [...]

Although there are no specific HIPAA telephone rules, Covered Entities and Business Associates are required [...]

The City of New Haven in Connecticut has settled a HIPAA violation case with the U.S. Department of Health [...]

A recent MITRE-Harris poll has revealed most Americans are unaware of the extent to which health insurers are [...]

In certain circumstances, the developers of mobile health apps are classed as business associates and are [...]

HIPAA-covered entities and their business associates are required to implement safeguards to ensure the [...]

Can healthcare providers and their employees utilize Google Voice? Is this telephony service HIPAA compliant? [...]

If there is one good thing to come out of the COVID-19 pandemic it is the changes that have been made to [...]

When famous people are diagnosed with an illness or suffer an accident, that can be headline news. The Health [...]

Last week, the Trump Administration extended Medicare telehealth services as the COVID-19 crisis deepened. [...]

While email retention is not specifically mentioned in the HIPAA text, certain provisions cover data [...]

A HIPAA subpoena for medical records is an area where there is considerable potential for a HIPAA violation. [...]

What are the requirements for a HIPAA compliant website? Here we list the important elements when setting up [...]

Google Forms is a survey administration tool that allows forms to be created for data collection purposes, [...]

In this post we cover some of the many HIPAA myths that have been circulating on the internet and often get [...]

The HHS’ Office for Civil Rights (OCR) has announced its sixth HIPAA penalty of 2019. The University of [...]

It has been 14 years since the HIPAA Security Rule requirements have been mandatory, but many healthcare [...]

The first dentist that was issued a fine for a HIPAA violation was Dr. Joseph Beck in 2015. His case served [...]

When did compliance with the Health Insurance Portability and Accountability Act (HIPAA) become mandatory and [...]

Can medical practitioners use Google Home and Google Assistant? Is Google Assistant HIPAA compliant or would [...]

Can healthcare organizations use DocuSign in association with electronic protected health information (ePHI) [...]

Microsoft Teams is popular among businesses who use it to improve communication and collaboration, but can it [...]

Calendly is a well-known tool that many businesses use for scheduling meetings and appointments. Is it all [...]

Evernote is a useful cloud-based tool for taking notes, making to do lists, planning projects, and [...]

Google Keep is a cloud-based note taking application that allows notes to be created and shared across [...]

Both the Department of Health and Human Service’ Office for Civil Rights (OCR) and state attorneys general [...]

Return Path is an email marketing and optimization program that helps companies to put their email marketing [...]

Does Mandrill support HIPAA compliance? Can healthcare organizations use MailChimp’s transactional email [...]

Marketo is an email marketing and lead management platform that has now been acquired by Adobe. Can [...]

SparkPost is a well-known email delivery and analytics program used by a lot of businesses for communicating [...]

JotForm is a software solution that can be used for making online forms. Can healthcare organizations use [...]

Constant Contact offers an online and email marketing solution which allow businesses to easily keep in touch [...]

If healthcare providers, health plans, healthcare clearinghouses and business associates of HIPAA-covered [...]

MailChimp is an automated email marketing program used for sending marketing newsletters and emails to [...]

The term “HIPAA covered entity” wasn’t included in the Healthcare Insurance Portability and [...]

Zendesk is a provider of a customer service software program and support ticketing system. More than 200,000 [...]

To whom should HIPAA violation complaints be directed to inside a covered entity? If a healthcare employee [...]

California governor Jerry Brown has signed AB 375 – the California Consumer Privacy Act of 2018 – [...]

Is It Necessary to Archive Emails to Comply with HIPAA? Email archiving is not required by the Security [...]

The issue of HIPAA compliance for home health care workers can be complicated because of specific challenges [...]

To find the answer to the question what information does the HIPAA law protect, you have to look beyond the [...]

Achieving Workflow Optimization in Hospitals The matter of improving hospital workflows is a senior [...]

HIPAA compliance for HR departments is necessary for healthcare and health insurance companies, but even [...]

SharePoint is a web-based document management and storage system. It is one of the top collaborative [...]

WordPress is a well-known content management system used for creating websites. A lot of businesses use [...]

HIPAA Compliant Texting in Call Centers HIPAA compliance for call centers is an important concern for all [...]

There is a worrisome practice happening in healthcare centers throughout the country: The utilization of [...]

Stage 2 Meaningful Use, HIPAA Compliance and EHRs Stage 2 Meaningful Use elevates the standard on the [...]

Healthcare institutions and their business associates must be in compliance with the HIPAA Privacy, Security, [...]

The Administrative Safeguards of the HIPAA Security Rule (45 CFR 164.308) require all Covered Entities to [...]

This article answers one of the most commonly asked questions related to HIPAA – What is considered [...]

Should healthcare providers encrypt data in the smartphones they use? There is some misunderstanding [...]

“Does HIPAA Apply to Employers” is a question that has triggered varied responses because of the complex [...]

The Health Insurance Portability and Accountability Act (HIPAA) is applicable to healthcare organizations and [...]

Objectives of HIPAA Privacy Laws HIPAA privacy laws were introduced in 2002 with the goal of ensuring the [...]

The Centers for Medicare and Medicaid Services (CMS) has confirmed to healthcare providers that using text [...]

The majority of Americans know that HIPAA relates to healthcare providers, but many people do not realize how [...]

Why Modern Technology May Not be HIPAA Compliant A lot of healthcare professionals today use their mobile [...]

The HIPAA Rules place restrictions on the disclosure of protected health information (PHI) and healthcare [...]

Would you report a HIPAA violation if you suspect that one occurred in your workplace? If so, how would you [...]

A lot of healthcare organizations would like to use email for transmitting the protected health information [...]

The U.S. Department of Health and Human Services (HHS) has formally launched its Health Sector Cybersecurity [...]

A limited data set, as defined in the HIPAA Privacy Rule, is a set of identifiable healthcare data that [...]

Is Google Docs HIPAA compliant? Are HIPAA-covered entities allowed to upload files containing protected [...]

There is some confusion about HIPAA and the HITECH Act. HIPAA predates the HITECH Act by 13 years and is [...]

Is it acceptable for HIPAA-covered entities to use G Suite and can the suite of cloud services be used [...]

The HIPAA risk analysis is a fundamental component of HIPAA compliance, but a lot of healthcare agencies and [...]

Under the Healthcare Insurance Portability and Accountability Act, a covered entity or business associate [...]

Office 365 is a collection of subscription products from Microsoft that include Word, Excel, PowerPoint, [...]

The Health Insurance Portability and Accountability Act (HIPAA) is an essential set of regulations that were [...]

The acronym PHI is generally used in association with health information, but what does PHI stand for? What [...]

Is it possible for a patient to file a lawsuit for a HIPAA violation? There is no private cause of action in [...]

Everyday, there seems to be a new report about a healthcare provider or health plan that has been discovered [...]

Vendors offering their services to healthcare providers that would require access to protected health [...]

Protected Health Information according to HIPAA is individually identifiable health information collected, [...]

HIPAA-covered entities need to make certain that protected health information (PHI) sent by email is secure [...]

Are Emails HIPAA Compliant? The use of email by HIPAA-covered entities to send sensitive patient health [...]

A HIPAA release form signed by the patient ought to be acquired prior to sharing that individual’s [...]

The U.S. Food and Drug Administration (FDA) has introduced new guidance about the usage of EHR data in [...]

Rackspace is a cloud computing company based in Windcrest, Texas that provides public cloud and email hosting [...]

Two HIPAA-covered organizations have recently announced they have been victims of phishing attacks that [...]

To help HIPAA-covered entities to streamline HIPAA authorizations for the use of protected health information [...]

Black Book Research has published the results of a survey on the use of mobile technology by hospitals and [...]

Geofencing is a technology that creates a digital fence around a particular location or space online allowing [...]

The Department of Health and Human Services’ Office for Civil Rights (OCR) is reminding HIPAA covered [...]

Is it the End of Paging? Since changes have been made to the HIPAA Privacy and Security Rules, there has been [...]

Email is a valuable and convenient means of communication. Can healthcare companies employ email to deliver [...]

Who should be informed within the covered entity when you want to make a HIPAA complaint? Any healthcare [...]

Amazon Web Services possesses all the security requirements to meet the HIPAA Security Rule and Amazon is [...]

A lot of HIPAA covered entities are not aware of the HIPAA Conduit Exception Rule. Consequently, there are [...]

Healthcare providers often question whether Google services are HIPAA compliant, including whether Google [...]

Healthcare companies are not forbidden by HIPAA to utilize cloud services. With cloud services, organizations [...]

Can healthcare organizations use HelloFax to send documents containing protected health information (PHI)? [...]

Healthcare companies and their business associates need to adhere to the HIPAA Privacy, Security, and Breach [...]

WebEx is a platform for online video conferencing and collaboration helping organizations interact with [...]

Can HIPAA covered entities use FaceTime for communicating protected health information (PHI) without breaking [...]

Is Facebook Messenger HIPAA compliant? Could it be used by healthcare organizations as the messaging service [...]

Software programs or email services cannot be completely HIPAA compliant, because technology is not just the [...]

The use of Amazon Alexa is limited in healthcare because it is not HIPAA compliant. But that may change [...]

Almost all SMS messaging platforms aren’t HIPAA Compliant. There is no HIPAA rule that particularly [...]

Healthcare companies and business associates that would like to access or share protected health information [...]

The Health Insurance Portability and Accountability Act of 1996 is an important legislation to the healthcare [...]

When WhatsApp declared it was launching end-to-end encryption,  healthcare organizations became interested [...]

Slack is an effective tool for communication and collaboration, however, there is a question on using Slack [...]

It is the duty of HIPAA covered entities to make sure that their personnel know the right steps for reporting [...]

A patient is unable to sue a healthcare organization for a HIPAA violation and demand damages even though the [...]

The Health Insurance Portability and Accountability Act (HIPAA) is a legislation introduced in 1996, mainly [...]

The Healthcare Insurance Portability and Accountability Act (HIPAA) requires covered entities and business [...]

Because of the recent data breaches, the U.S Senate Committee on Finance, the House Committee on Energy and [...]

The Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS) protect [...]

Whether you have a large or small business, if you’re engaged in the healthcare industry, HIPAA compliance [...]

Pharmacies are HIPAA-covered entities that must comply with the acceptable uses and disclosures of protected [...]

Healthcare workers such as nurses have direct involvement in the care of patients and often get access to [...]

Verizon’s annual Protected Health Information Breach Report is out. The report revealed the result of [...]

OCR explained in its March 2018 cybersecurity newsletter the importance of contingency planning. The HIPAA [...]

Google Forms is an online tool that anyone can use to create surveys and get feedback from people. Can [...]

Google Sheets is a web-based Google program that allows the creation, viewing and sharing of spreadsheets. [...]

ProPublica released a study in 2015 that showed the reality of HIPAA social media violations involving [...]

Yammer is another platform that healthcare organizations can potentially use for sharing ePHI. Does it [...]

HIPAA compliant file sharing requires maintaining the security, integrity and confidentiality of PHI both at [...]

Google Sheets is a service provided by Google to create, view and share spreadsheets. Can HIPAA-covered [...]

IBM Cloud is a service offered by IBM allowing organizations to do certain functions such as building native [...]

Cloud service providers are classified as business associates based on the HIPAA Omnibus Rule, which states [...]

Cloud storage services make it very convenient for people to share and store data. People using different [...]

The HIPAA Security Rule calls for the efficient management of information access. Personnel who are given [...]

When HIPAA-covered entities and their business associates cease operations, the obligation to follow HIPAA [...]

MediaPro published a recent report indicating the lack of preparedness of the healthcare industry to deal [...]

The Health Insurance Portability and Accountability Act (HIPAA) Rules aim to keep protected health [...]

According to the HIPAA password requirements, there must be procedures in place for creating, changing and [...]

What are considered individually identifiable health information?  What are the permitted uses and [...]

Healthcare organizations often ask if they can use a Hotmail account to send protected health information. [...]

Most healthcare organizations today use mobile devices including laptop computers, tablets, mobile phones and [...]

The HIPAA Breach Notification requirements must be followed by all covered entities and business associates [...]

When a reportable HIPAA breach occurs, the covered entity and its business associates need to comply with the [...]

Following the HIPAA breach notification requirements is a must for all HIPAA covered entities. This entails [...]

ShopRite Supermarkets, Inc announced to its pharmacy customers about a security breach as a result of the [...]

One of the most confusing aspects of HIPAA legislation is HIPAA compliance for self-insured group health [...]

HIPAA violation penalties for nurses who breach HIPAA Rules can range from disciplinary action, to [...]

Many covered entities want to take advantage of cloud storage services, but it is important to determine [...]

Messaging platforms such as Skype are an efficient way of communicating between individuals and groups, but [...]

Stolen mobile devices and hacking incidents may result in the biggest exposures of protected health [...]

Trying to decipher the HIPAA Compliance of Google Drive can be confusing. HIPAA compliance relates less about [...]

Despite the fact that many dental clinics are self-contained centers, the HIPAA rules for dentists apply to [...]

The theft of mobile devices could result in a major exposure of Protected Health Information (PHI); but, [...]