HIPAA

Sending out a mass mailing of a pamphlet that contained Medicare beneficiary numbers resulted in a civil monetary penalty of $6,768,000 for Triple-S Salud, Inc. (TSS), a Puerto Rican health insurance subsidiary.

Q: Our organization does not support the use of USB drives. Is that typical?

Tips from this month's issue

The HIPAA Omnibus Rule has brought significant changes to the HIPAA landscape for covered entities (CE) and their business associates (BA).

Q: I am a registered nurse who received treatment for a health problem in the ED of the hospital that employs me.

The HITECH Act, which included changes to the HIPAA Privacy and Security Rules, was signed into law by President Obama in February 2009-a full five years ago.

If an ambulance that is not affiliated with our organization transports a patient to our facility, can we give them PHI to use for their billing? Do we need the patient's written authorization?

There will always be a host of slick-looking products on the market promising to deliver improved technical security.

What is the privacy and security governance structure like at your organization?I

The healthcare industry is taking lessons from the credit card and financial industry when it comes to preventing fraud.