Despite Bitglass, Inc.'s newness to the healthcare market, the company offers a mobile device management (MDM) solution that is simpler and far less invasive than most solutions available today?something of a feat, as securing data on mobile devices is usually not an easy task.
Q: It is my understanding that written authorization is required for the release of PHI even for treatment, payment, and operations purposes. I believe this is true in New York state, but am unsure if it is also true nationally.
Hackers gained unauthorized access to the information technology system of Anthem, Inc., and exposed the PHI of more than 80 million people who are currently or were previously covered by the insurance provider. The attack also exposed the PHI of Anthem's employees, including President and Chief Executive Officer Joseph R. Swedish.
Release of information (ROI) is typically a function that is managed by the HIM department, but privacy and security officers often play a critical role in ensuring records remain secure during transmission.
There's considerable confusion about what HIPAA means and what your obligations are under the regulations. I recently presented at a Midwest physician association conference. As is almost always the case, in the front row was an attendee just waiting for the Q&A session.
Q: Is there a sample risk analysis about how an enterprise or clinic might evaluate and determine if data-at-rest protection through encryption is reasonable and appropriate as defined in the HIPAA Security Rule?
Q: I work in long-term care and I am familiar with the language in HIPAA regulations regarding requests for electronic copies of medical records for a reasonable fee according to community standards. However, my company does not maintain its medical records in electronic form, nor do we presently have the capability of converting our paper records into electronic format. Our state legislature addressed the issue of "reasonable charges and community standards" by state statute in 2006 by providing a formula for every medical provider to follow state-wide for copy charges regarding paper copies.
