AMA/AHA Security Recommendations for Mitigating COVID-19 Cyber Risks: HIPAA & HITECH Act Blog by Jonathan P. Tomes
It isn’t exactly HIPAA, but because the Security Rule’s Security Management Process, 45 C.F.R. § 164.306(a), certainly requires covered entities and business associates to maintain .. read more
Important Government Warnings about Ransomware: HIPAA & HITECH Act Blog by Jonathan P. Tomes
You may think that I am going overboard with all my recent blogs about ransomware. But I’m not. It is that much of a problem. .. read more
HIPAA Violations Are Still Mostly People, Not Technology: HIPAA & HITECH Act Blog by Jonathan P. Tomes
I learned a long time ago, when I served in that contradiction of terms, military intelligence, that the big risk, at that time to defense .. read more
Health and Human Services’ Changes to 42 C.F.R. Part 2: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Although the topic of this blog item is slightly off the topic of HIPAA, it is sufficiently related to HIPAA to merit analysis. 42 C.F.R. .. read more
OCR Relaxes Telemedicine Enforcement During Coronavirus Pandemic: HIPAA & HITECH Act Blog by Jonathan P. Tomes
During the COVID-19 public health emergency, the U.S. Department of Health and Human Services (“HHS”) has authorized HIPAA covered entity providers to communicate with patients .. read more
HHS Office for Civil Rights and the Department of Education Issue Updated Guidance on Sharing Student Health Records under HIPAA and FERPA: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Having had the good fortune to be a HIPAA consultant for several universities, I am quite aware of the confusion that could result from possibly .. read more
HIPAA and Patient Portals: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Regardless of how comfortable one is with high-tech methods of communicating with patients, little doubt exists that patient portals are here to stay. As you .. read more
What Do You Do If the HIPAA S**t Hits Your Fan and the Feds Come after You?: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Many of you will (hopefully) never need the guidance in this blog post. And I have never read a HIPAA blog post or article talking .. read more
PHI with No Cover Sheet Warning Left on a Desk—Who’s Liable? HIPAA & HITECH Act Blog by Jonathan P. Tomes
One of our EMR Legal clients and Veterans Press customers recently emailed me the following question: If a workforce member leaves a page from a .. read more
Deny Me My Records? Pay $85,000 under the HIPAA Right of Access! HIPAA & HITECH Act Blog by Jonathan P. Tomes
I have previously written about one of the easiest ways to get a civil money penalty (or a state sanction (see California)—that is, failing to .. read more