My office was broken into last night. I use electronic health records, but we do store some protected health information for my patients in paper files. These files are not secured, so the burglars did have access to them. It did not appear that the files were touched as the burglars were looking for cash. What responsibilities to I have to my patients in a situation like this? Do I need to contact them and advise them that their PHI could have been compromised?
Identity theft has become a major problem in the United States. As a prevention measure, the Centers for Medicare& Medicaid Services (CMS) is readying a fraud prevention initiative that removes Social Security numbers from Medicare cards to help combat identity theft, and safeguard taxpayer dollars.
We’re flying through the last quarter of 2016! Before we know it, we’ll be ringing in the new year, so we’d better be ready!
As always, there are end of the year things that we must be sure to complete so as to best prepare for the future and protect …
Q&A: We just learned that for Meaningful Use attestation, we have to complete a Security Risk Assessment. What is that and how do we do it?
We just learned that for Meaningful Use attestation, we have to complete a Security Risk Assessment. What is that and how do we do it?
The HIPAA Security Rule requires that covered entities (your practice) conduct a Security Risk Assessment (SRA) for your organization, at a minimum of once per year. It is critical that practices perform the Security Risk Assessment for multiple of reasons. Not only is it important to comply with rules and regulations, but also, for what you may consider to be a more motivational reason, to protect your practice (and bank account) from what could become disabling fines and penalties.