-
Briefing: How to avoid a health care data breach
A data breach can be quite costly to a provider's budget and reputation. This briefing offers advice for securing health care data to comply with HIPAA and HITECH Act rules. Briefing
-
IT compliance: FAQs about IT operations, regulations and standards
This index links to resources about the relationship between IT operations and compliance regulations and standards, including HIPAA, e-discovery, SOX and PCI. FAQs
-
FAQ: How will mandatory encryption standards affect IT operations?
Learn how emerging mandatory encryption standards will affect IT operations. FAQ
-
Enterprise document management FAQ: IT operations and compliance
Find answers and resources to frequently asked questions about the relationship of enterprise document management to IT operations and compliance. FAQ
-
Compliance news quiz: Test your knowledge of FTC, SB 20, PCI and more
What is the FTC up to? What bill did California Gov. Arnold Schwarzenegger recently veto? Learn the answers to these questions and more by taking our latest compliance news quiz. Quiz
-
HITECH FAQ: What is the impact of the HITECH Act on IT operations?
This resource provides answers and resources to frequently asked questions regarding the Health Information Technology for Economic and Clinical Health (HITECH) Act. FAQ
-
FAQ: What is the impact of HIPAA on IT operations?
This FAQ provides guidance on how the Health Insurance Portability and Accountability Act affects IT operations, including what is required and what penalties are applied. FAQ
-
Retooling HIPAA business associate agreements for updated rules
What should hospitals be adding to HIPAA business associate agreements in the light of the HITECH Act mandates about to go into effect? A recent AHIMA event offered much advice. News | 15 Mar 2011
-
Meaningful use incentives, compliance raise concerns for hospital execs
Hospitals remain unconvinced they can meet even the relaxed criteria for meaningful use. Smaller incentives, which reward only a whole campus, not each facility, fail to help. News | 26 Jul 2010
-
For doctors, meaningful use final rule mostly positive
Doctors stand a better chance of achieving meaningful use under the final rule spelled out by CMS and ONC, but some tweaking of EHR systems will still be necessary to comply. News | 22 Jul 2010
-
Google adds Dashboard: Does transparency mean more online privacy?
Google supports national privacy law, introduces Web dashboard that will allow users to have more control over their online privacy settings for its services. Article | 06 Nov 2009
-
HITECH moves electronic health records forward; standards to come
Healthcare experts see HITECH improving privacy protection and metrics, but HIT standards for electronic health records are still being finalized. Article | 28 Sep 2009
-
Healthcare, cybersecurity policy and privacy on legislative agenda
As Congress moves into its fall term, healthcare, cybersecurity policies and privacy top a legislative to-do list that will affect compliance and security pros. Article | 17 Sep 2009
-
Record locator service a step to health information exchange
A Minnesota health collaborative moves closer to the nation's goal of health information exchange with a record locator service that keeps data behind each facility's firewall. Article | 16 Sep 2009
-
FTC pursuing HIPAA violations as a matter of consumer protection
The CVS Caremark case shows the FTC is ready to pursue enforcement of stronger HIPAA laws as a matter of consumer protection -- another reason to review security policies. Article | 09 Sep 2009
-
New HIPAA data breach notification rules put health industry on notice
New data breach notification rules for HIPAA have health care organizations scrambling to get their privacy practices and those of their partners in shape. Article | 01 Sep 2009
-
Mass. officials, compliance officers debate data protection law
State officials and compliance officers explore what compliance with the Massachusetts data protection law will mean. Article | 17 Jul 2009
- See More: News on HIPAA and other healthcare compliance requirements
-
Addressing HIPAA privacy compliance on hospital wireless networks
Medical devices, tablets, smartphones and RFID are forcing hospital wireless networks open. HIPAA privacy compliance is harder than ever, however. Here's how CIOs can cope. Tip
-
Key EHR technology features to consider when buying software
An investment in EHR technology should not be taken lightly. Here we identify EHR systems' key features -- from CPOE to data exchange -- that providers should weigh before buying. Tip
-
Web-based EHR may make sense for some providers
A Web-based EHR system may be preferable to a bulky, client-based application for providers concerned about high implementation, maintenance and infrastructure costs. Tip
-
Finding the right EHR vendor for your facility: A buyer's guide
For solo physician practices, as well as multihospital systems straddling state lines, the steps for choosing an EHR vendor are similar. This buyer's guide covers all the bases. Tip
-
Information security and compliance in the life sciences, revisited
Information security and compliance have special meaning for the life sciences, given the potential for reputation harm and privacy breaches. Tip
-
Life sciences have special information security and compliance needs
The big pharmaceutical companies are research and development organizations with unique ethical and regulatory requirements that must be met -- or human beings may suffer terrible consequences. Tip
-
HIPAA-covered entities' first step should be a quality assurance plan
HIPAA-covered entities must leverage or install a good QA team, an effort that should be driven from the top down and be part of the strategic plan of the technology organization. Tip
-
Discovery of data breach under HITECH raises big compliance questions
The new HHS data breach discovery rule under the HITECH Act is specific, so determining exactly when a breach has been discovered becomes critically important. Tip
-
HIPAA-covered entities, business associates confront HITECH rules
How HIPAA covered entities and HIPAA business associates should implement new, tougher health care and data privacy rules set by the HITECH Act. Tip
-
How to mitigate operational, compliance risk of outsourcing services
Companies must have an approach to evaluating partner risk, the level of risk of both the service and the provider, and the adequacy of the security practices of the provider. Tip
- See More: Tips on HIPAA and other healthcare compliance requirements
-
HIPAA covered entity
A HIPAA covered entity is any organization or corporation that directly handles Personal Health Information (PHI) or Personal Health Records (PHR). Definition
-
personal health record (PHR)
A personal health record (PHR) is a collection of health-related information that is documented and maintained by the individual it pertains to. Word
-
Dossia
Dossia is a Web-based framework for storing and managing personal health records (PHR). With Dossia, a qualified individual can aggregate his medical data from insurance claims and pharmacy records and store them in a private, encrypted electronic he... Word
-
Retooling HIPAA business associate agreements for updated rules
What should hospitals be adding to HIPAA business associate agreements in the light of the HITECH Act mandates about to go into effect? A recent AHIMA event offered much advice. News
-
Briefing: How to avoid a health care data breach
A data breach can be quite costly to a provider's budget and reputation. This briefing offers advice for securing health care data to comply with HIPAA and HITECH Act rules. Briefing
-
HIPAA covered entity
A HIPAA covered entity is any organization or corporation that directly handles Personal Health Information (PHI) or Personal Health Records (PHR). Definition
-
IT compliance: FAQs about IT operations, regulations and standards
This index links to resources about the relationship between IT operations and compliance regulations and standards, including HIPAA, e-discovery, SOX and PCI. FAQs
-
Addressing HIPAA privacy compliance on hospital wireless networks
Medical devices, tablets, smartphones and RFID are forcing hospital wireless networks open. HIPAA privacy compliance is harder than ever, however. Here's how CIOs can cope. Tip
-
Key EHR technology features to consider when buying software
An investment in EHR technology should not be taken lightly. Here we identify EHR systems' key features -- from CPOE to data exchange -- that providers should weigh before buying. Tip
-
Web-based EHR may make sense for some providers
A Web-based EHR system may be preferable to a bulky, client-based application for providers concerned about high implementation, maintenance and infrastructure costs. Tip
-
Finding the right EHR vendor for your facility: A buyer's guide
For solo physician practices, as well as multihospital systems straddling state lines, the steps for choosing an EHR vendor are similar. This buyer's guide covers all the bases. Tip
-
Meaningful use incentives, compliance raise concerns for hospital execs
Hospitals remain unconvinced they can meet even the relaxed criteria for meaningful use. Smaller incentives, which reward only a whole campus, not each facility, fail to help. News
-
For doctors, meaningful use final rule mostly positive
Doctors stand a better chance of achieving meaningful use under the final rule spelled out by CMS and ONC, but some tweaking of EHR systems will still be necessary to comply. News
- See More: All on HIPAA and other healthcare compliance requirements
About HIPAA and other healthcare compliance requirements
The Health Insurance Portability and Accountability Act (HIPAA) has established standardized mechanisms for the exchange, security and confidentiality of healthcare-related data. Find the latest HIPAA-related news and guidance for regulatory compliance professionals.