Harmony Healthcare Blog

HIPAA - Individually Identifiable Information: Know the Rules!

Posted by The Harmony Team on Mon, Feb 23, 2015
As long-term care facilities continue to adapt to 2015 changes, it is important that they remember to implement compliance safe guards.  Facilities need to be committed to bridging existing codes of conduct to develop reasonable safeguards required by the Privacy Rule. One such policy includes incidental use and disclosure of confidential health information (also known as Protected Health Information or “PHI”). Per the requirements in the HIPAA Privacy Rule (See 45 CFR 164.530), protect the confidentiality of individually identifiable patient health and financial information from any unauthorized intentional or unintentional use or disclosure. 
Read More

Topics: Compliance, HIPAA, ePHI, Privacy

Avoiding Data Breaches in Your SNF: 10 Scenarios to Look Out For

Posted by Sameer Sule on Tue, Sep 23, 2014

It has become a bad routine. A new week, another data breach report in the news. The recent breach reported by Community Health Systems Inc., affected 4.5 million patients!  This data breach parade isn’t likely to stop soon. Healthcare organizations big and small continue to lose confidential patient data at an alarming rate, resulting in serious consequences for them and their patients. It is therefore vital that skilled nursing homes (SNFs) take adequate steps to protect confidential patient information as they transition their business from the paper to the digital world.

The HIPAA Security Rule requires healthcare organizations and their business associates to protect the confidentiality, integrity and availability of their electronic protected health information (ePHI) at rest (stored) and in motion (transmitted). It is a common misconception among healthcare organizations to assume that they are HIPAA compliant and/or their ePHI is secured if:

  • They use HIPAA compliant technology and/or;
  • They do not have an EMR (electronic medical record)

Nothing can be further than the truth. First of all, technology is not HIPAA compliant, organizations are! This means that SNFs need to use the technology in a secure HIPAA complaint manner. Second, ePHI does not reside only in the EMR. It is also in emails, in documents and images on computers, servers and mobile devices like laptops, cell phones, tablets and USB memory sticks. Healthcare professionals are also using texting and online file sharing services to conveniently share confidential information. Any of these avenues can potentially be the cause of a major data breach.

Read More

Topics: ePHI, Data Breach, software

Conducting Your Skilled Nursing Facility Risk Analysis

Posted by Kris Mastrangelo, OTR/L, LNHA, MBA on Tue, Jun 24, 2014

Conducting Your Skilled Nursing Facility Risk Analysis:  Last year, HIPAA privacy, security and breach notification rules were made applicable to healthcare providers, payers and clearinghouses. The HIPAA Security Rule establishes national standards to protect individuals’ electronic personal health information that is created, received, used, or maintained by a covered entity. The Security Rule requires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information.

Read More

Topics: SNF, Skilled Nursing Facility, EMR, Electronic Medical Record, ePHI, Patient Data

Subscribe to The HHI Blog

Posts by Topic

see all
New Call-to-action

Stay connected!