A national effort to solve patient misidentification errors is suspended, the College of Healthcare Information Management Executives announced on November 15.
Q: It is my understanding that we can make PHI disclosures using our EHR for payment/treatment/healthcare operations without a consent and that we do not need to track these requests for an accounting of disclosures. Has this changed?
Too often, organizations fall for common HIPAA myths and erroneously incorporate them into otherwise sound, good-faith compliance efforts. That can lead to wasted time and resources, duplicative work, or even outright noncompliance.
Q: A local school has asked us to come in and provide flu shots to the students and staff. Do we need to ask each person who gets the shot to sign our Notice of Privacy Practices (NPP), or can the school do so on their behalf and provide the information to them?
Email is a routine and essential part of communication in healthcare—even when communicating PHI. But setting and enforcing HIPAA-compliant email policies continues to be tricky for many organizations.
