Q: Is there a sample risk analysis about how an enterprise or clinic might evaluate and determine if data-at-rest protection through encryption is reasonable and appropriate as defined in the HIPAA Security Rule?
There's considerable confusion about what HIPAA means and what your obligations are under the regulations. I recently presented at a Midwest physician association conference. As is almost always the case, in the front row was an attendee just waiting for the Q&A session.
Release of information (ROI) is typically a function that is managed by the HIM department, but privacy and security officers often play a critical role in ensuring records remain secure during transmission.
At HCPro's Accreditation Specialist Boot Camp, we continue to receive questions about standing orders, protocols, and verbal/telephone orders. With spring on its way by the time this article is published, I thought a fresh look at these topics would be in order (no pun intended). Let's try to dispel the myths and go straight to what the regulations say and what is best practice to meet them.
Coding tells a patient's story, based on the narrative the physician provides in his or her documentation. Accurately painting a picture of the patient's severity of illness (SOI) and risk of mortality (ROM) is essential for good patient care, and it is becoming increasingly important for quality measures and payment.
