Posts from May 2019.
HIPAA and Cybersecurity - Part Two / Breach Response

As mentioned in Part One of this two-part discussion on the Health Insurance Portability and Accountability Act (HIPAA), HIPAA has become a pervasive force within the practice of medicine.  All health care providers should be conducting some form of meaningful annual training with their employees.  In Part One, we discussed hacking and criminal behaviors targeted at health care companies, and those will always be very difficult to anticipate and prevent.  By contrast, health care providers can do a great deal to avoid the kinds of internal HIPAA violations – usually committed by ...

HHS Issues Regulations Protecting Against Religious Discrimination in Health Care

On May 2, 2019, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued new guidelines expanding the provider conscience rule for health care workers and entities participating in federally funded programs. The "conscience rule" allows individuals and entities to refuse to perform, accommodate, or assist with certain health care services, such as birth control, abortions, or sterilization procedures, on religious or moral grounds.

The new protections, effective 60 days following pending publication in the federal register, apply to ...

Posted in Cybersecurity, HIPAA
HIPAA and Cybersecurity - Part One

Since its passage by Congress in 1996, the Health Insurance Portability and Accountability Act (HIPAA) has become a pervasive force in the health care industry.  While most, even within the medical field, do not know exactly how HIPAA works or how far it reaches, almost everyone, especially within the medical field, has been taught to be afraid of it.  This post is part one of a two-part discussion on HIPAA, the issues to be aware of when considering patient confidentiality, and how to deal with any confidentiality breaches or HIPAA violations.

As “covered entities” under HIPAA ...