An important part of a compliance officer's job is responding to noncompliance complaints.
Experience is said to be the best teacher, so learn from the mistakes made at other organizations.
It may not be the proverbial keys to the kingdom, but OCR's recently published audit protocol for its current privacy and security audits gives healthcare organizations an inside look at the inspection process.
Mobile devices-thumb drives, smartphones, external hard drives, tablets, and laptop computers-are creating risks for PHI exposure.
Education is giving people the knowledge they need. Training helps them develop the skills that allow them to put that knowledge to use.
Q What is your opinion on providing extra protection for the medical records of staff who are also patients in an organization?