Articles Tagged With: PHI

  • When a Privacy Breach Is Not a Breach

    Language is important when talking about noncompliance with HIPAA. Not every instance of noncompliance is a breach.

  • HHS Issues HIPAA Best Practices for Telehealth

    The Department of Health and Human Services published a resource guide to assist telehealth providers in explaining the privacy and security risks to patients, but the guidance makes clear HIPAA does not require this education. However, the goal is for the resource guide to help providers who would like to discuss potential risks with the patient.

  • First HIPAA Settlement for Ransomware, Fine for Phishing

    The Office for Civil Rights achieved two firsts recently: a settlement agreement related to a ransomware attack on a business associate and the first fine issued for a phishing attack. Both cases hold lessons for other covered entities.

  • OCR Updates HIPAA Assessment Tool

    The Office for Civil Rights has updated a self-assessment tool that covered entities can use to determine how well they are complying with HIPAA, and the new version presents an opportunity to see how useful the resource can be.

  • What to Expect After a HIPAA Violation

    Discovering a HIPAA violation in your organization inevitably causes anxiety about what will follow and how bad the consequences can be. Understanding the process and what to expect can ease some of the worry and help you manage the process to the best possible resolution.

  • Information Blocking Still Happening After Cures Act

    Information blocking is a threat to patient safety, but it still occurs regularly, despite the penalties for noncompliance laid out by the 21st Century Cures Act. Recently, the HHS Office of Inspector General announced its final rule establishing penalties of up to $1 million for any entities that block the flow of necessary health data.

  • Plan Now for Eventual HIPAA Changes

    HHS has been expected to finalize proposed modifications to HIPAA in 2023, but it now appears that will not happen until December 2024 — or later. Whenever the changes come, covered entities will need to review their compliance policies and update them within 180 days of final rulemaking.

  • State Laws on PHI Require Careful Consideration

    Complying with HIPAA requirements on patient privacy may be difficult sometimes, but it is not enough. State laws also apply — and they may come with different requirements.

  • Email Retention Requirements for HIPAA Often Misunderstood

    HIPAA requires that certain emails and other electronic communications be retained for a set period, but covered entities often misunderstand exactly what must be saved and for how long. The Security Rule requires healthcare organizations and health plans to retain electronic communications containing HIPAA policies and procedures for at least six years.

  • OCR’s Report to Congress Shows Increase in Complaints

    The Office for Civil Rights’ annual report to Congress showed “significant increases” in HIPAA complaints — 34,077 new complaints in 2021, a 25% increase from 2020. Complaints increased 39% from 2017 to 2021.