Children’s Health Records and You: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Parents who have minor children have legitimate concerns about their children’s health records as used, disclosed, and maintained by their health care providers, insurers, and .. read more
New Sample BAA to Consider: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Because I have a number of current California clients and past ones who may be Premium Members, I have revised my sample Business Associate Agreement .. read more
Not-for-Profit Business Associate—No Risk Analysis: $650,000 Settlement: HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Catholic Health Care Services of the Archdiocese of Philadelphia (“CHCS”), a not-for-profit business associate, was the corporate owner of six nursing homes and provided .. read more
Illinois Joins California in Affording More Protection to Personal Information: HIPAA & HITECH Act Blog by Jonathan P. Tomes
In May, the Governor of Illinois, Bruce Rauner, signed amendments to the Illinois Personal Information Protection Act (“PIPA”), 815 ILCS 530/1 et seq., expanding the .. read more
OCR Issues Revised Audit Protocol: HIPAA & HITECH Blog by Jonathan P. Tomes
In April 2016, the U.S. Department of Health and Human Services (“DHHS”) Office for Civil Rights (“OCR”) issued its updated Phase 2 Audit Protocol. Its .. read more
Another HIPAA Breach Settlement for Not Having Had a Business Associate Agreement in Place: HIPAA & HITECH Act Blog by Jonathan P. Tomes
My Vice President and editor, Alice M. McCart, always says that she hates it when I’m always right. I always mess with her by saying, .. read more
$1.55 Million Settlement Stresses Importance of Business Associate Agreements: HIPAA & HITECH Act Blog by Jonathan P. Tomes
A recent settlement in lieu of a civil money penalty underscores the importance of having business associate agreements in place with entities that perform a .. read more
Two New Items for You in Premium Member Section: Volunteer Policy and Two More Chapters of HITECH Hysteria: HIPAA & HITECH Act Blog by Jonathan P. Tomes with Guest Commentator Alice M. McCart
For those of you who have been waiting for a volunteer policy separate and apart from Jon’s Workforce Security Policy, you’re in luck. It is .. read more
California Determines What Is Reasonable and Appropriate for Securing Health Information: HIPAA & HITECH Act Blog by Jonathan P. Tomes
HIPAA requires covered entities and business associates to implement reasonable and appropriate security measures in § 164.308(a)(1)(ii)(B), the risk management Administrative safeguards, but although it does .. read more
Shooting, God Forbid, on the Premises of a Health Care Provider or Business Associate, Including HIPAA Aspects: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Yet another mass shooting, this one in a Social Services Agency in San Bernardino, CA, coupled with my being asked to weigh in on protecting .. read more