Q: The company I work for has long debated what to do about medical records that are sent out on CDs. We concluded that since paper records could not be encrypted, we shouldn't have to worry about encrypting the CDs.
The HIPAA Privacy, Security and Breach Notification Rules require the development and implementation of policies. Covered entities must address all the standards in the rules
As privacy officer of a healthcare organization that includes about 12,000 employees in 14 hospitals and 30 clinics, Nancy Davis, MS, RHIA, CHPS, is a realist about one thing related to HIPAA compliance: Employees will make mistakes. They are human, after all.
When a patient suffers a traumatic injury or poisoning, we need to report how they became injured and where they were when it happened. You already know this from ICD-9-CM.
