Healthcare EMR Blog

How To Create a HIPAA Compliant Business Associate Contract

May 28, 2013  |  by robinp  |  Blog, EMRSOAP Services, News

Under the HIPAA Omnibus rule, heath care providers have to be more careful than ever with how they handle protected information. This includes carefully managing any protected information that business associates might handle. According to the U.S. Department of Health and Human Services, a business associate is: “a person or entity, other than a member …

Read More

How safe is your information? A guide on how to make better passwords and use them securely

May 7, 2013  |  by robinp  |  Blog, EMRSOAP Services, News

Passwords have become the primary mechanism by which many people prove their online identity so as to communicate, bank, shop, and use their electronics. This can be a good thing – easier access to information is usually positive. When it comes to protecting sensitive information however, people need to be increasingly careful with what they …

Read More

HIPAA Privacy, Security and Breach Notification Audits – What this means for small providers

May 7, 2013  |  by robinp  |  Blog, EMRSOAP Services, News

On April 23, the HCCA 2013 Compliancy Institute released the initial overview of its Audit of HIPAA privacy, security, and breach notification compliancy. Since December of 2012, 115 performance audits of health care providers, plans, and clearinghouses have been conducted. While the number of audits is small, the results have major implications for small providers. …

Read More

5 important takeaways from the 2013 Verizon Data Breach Report for Healthcare providers

April 23, 2013  |  by benw  |  Blog, EMRSOAP Services, News

1. “A definite relationship exists between industry and attack motive, which is most likely a byproduct of the data targeted.” This is a refrain repeated several times throughout the report.  Given that a significant amount of the attacks are made from malevolent entities that are strictly attempting to steal data for monetary benefit, the data …

Read More

Should we trust our Business Associates?

April 17, 2013  |  by benw  |  Blog, News

In short: yes, you should trust your business associates, but you must verify that they are claiming.  So you should trust them, but you shouldn’t put faith in them.  Whether you are a medical provider dealing with a business associates or a business associates engaging a subcontracting business associate, handing over data on the simple …

Read More

EMRSoap write-up of the HIPAA Hangout by Industry Leaders

January 23, 2013  |  by benw  |  Blog, News

On 1.23.2013, Devin McGraw, Brian Ahier, and David Harlow sat down and chatted about HIPAA.  These are big industry leaders, and it was great to hear their thoughts on the matters involved.  Here’s the link to the video of the Session. Here are links to their media. Brian Ahier’s blog – http://www.ahier.blogspot.com/ David Harlow – …

Read More

Monetary Fines under HIPAA Omnibus Rule

January 22, 2013  |  by benw  |  Blog, News

  There are 4 categories of HIPAA violations that reflect increasing levels of culpability and negligence.  These levels correspond to corresponding tiers of penalties amounts.  The Table below shows these penalties amounts.   More fines Leon Rodriguez has said as much, but there’s going to be more fines under the HIPAA Omnibus Rule.  The very …

Read More

Business Associates under the HIPAA Omnibus Rule

January 18, 2013  |  by benw  |  Blog, News

Who’s a Business Associate under the HIPAA Omnibus Rule? The Definition of Business Associate has been slightly changed to explicitly designate more persons and organizations as business associates. Patient Safety Activities will be added to the list of function that a person can take on behalf of a covered entity that give rise to a …

Read More

HIPAA Omnibus Rule Basic FAQ

January 18, 2013  |  by benw  |  Blog, News

HIPAA Omnibus Rule Basic FAQ: Q: When do I have to start complying with the HIPAA Omnibus Rule? A: The rule is effective on March 26th, 2013.  Covered Entities, their Business Associates, and their respective subcontractors must comply with the new rules by September 23rd 2013.  (page 2 at 15)  Note that this gives you …

Read More

EMRSoap’s HIPAA Omnibus Guide

January 18, 2013  |  by benw  |  Blog, News

HHS just released yesterday the new HIPAA Omnibus rule.  This rule was made to formally include the modifications required from the HITECH act, PSQIA, GINA, and others into HIPAA. The Omnibus rule is intended to make HIPAA compliance clearer.  Somewhat paradoxically, this clarity is coming initially in the form of a 563 page document. Part …

Read More