This post, Two HIPAA Mistakes Lead to Fines from OCR, first appeared on http://www.natlawreview.com/. Monday, May 1, 2017 It was a busy April for the Office for Civil Rights (“OCR”) (see our prior post on a settlement from earlier in April). On April 20, OCR announced a Resolution Agreement with Center for Children’s Digestive Health, S.C. (“CCDH”) related to CCHD’s failure to enter into a business associate agreement with a paper medical records storage vendor.  The cost of that missing agreement? $31,000.  Then, on April […]

This post, Between RCRA and a Hard Place: Operating Under Conflicting Regulations, first appeared on http://ehsdailyadvisor.blr.com. HazMat Transportation Clare Condon Monday – April 24, 2017 Do federal hazardous materials transportation regulations outweigh how a state interprets and enforces hazardous waste regulations? In times when the federal government bends toward extreme leniency or extreme enforcement, cases such as one currently playing out in Oregon could have ramifications for environment, health, and safety managers (EHS) nationwide. What are […]

This post, How healthcare organizations should prepare for a HIPAA audit, first appeared on www.healthdatamanagement.com. The time to prepare for a HIPAA audit is before the notification letter of a forthcoming audit hits a provider organization’s mailbox. Absent preparation, an entity facing an audit will have to scramble to develop policies and procedures for protecting health information, and performing that through a rush job will look exactly like a rush job to regulators, who are […]

This post, Lack of BAA at Center of New HIPAA Settlement, first appeared on http://www.govinfosecurity.com. Marianne Kolbasuk McGee (HealthInfoSec) • April 24, 2017 Federal regulators have signed a $31,000 HIPAA settlement with a small Illinois-based pediatric specialty practice, citing the lack of a business associate agreement with a vendor hired to store paper records containing patients’ protected health information. Although the April 21 settlement with the Center for Children’s Digestive Health centers on paper-based PHI, […]

This post, Healthcare leaders crown employee cybersecurity awareness as primary threat concern, first appeared on http://www.healthcaredive.com. Author: Meg Bryant Published: April 20, 2017 Dive Brief: Nearly 80% of healthcare leaders say employee awareness is their greatest security threat concern, despite 85% maintaining they have existing employee security awareness programs, according to a new survey. The survey of 125 health IT executives — conducted by HIMSS Analytics for Level 3 Communications — found that one third […]

This post, Social Media Policy Instructions for Your Medical Practice, first appeared on www.diagnosticimaging.com. By Michael Sacopulos, JD In this digital age, every business needs two social media policies: one for material posted in the organization’s official social media communications, and one for employees’ mentions of work-related matters in their personal social media communications. The unique nature of a medical practice makes such policies essential, as HIPAA regulations require all providers have policies, procedures, and […]

This post, Watch out for these HIPAA violations in online reviews, first appeared on www.modernmedicine.com. When most physicians think of the Health Insurance Portability and Accountability Act (HIPAA), their immediate thought is a data breach. But they should also be keenly aware that they can violate the federal law simply by replying to a negative online review. Most physicians are familiar with Yelp. Besides being the leading crowd-sourced rating site for restaurants, hotels and just […]

This post, First Aid Preparedness, first appeared on www.ohsonline.com. Having trained personnel ready and willing to render first aid will reassure other co-workers and make them feel safer themselves. By Fred Elliott (Apr 01, 2017) An OSHA enforcement case announced in December 2016 is a good example of the kind of worker injury where a co-worker might have to respond quickly with first aid assistance. The agency proposed $274,934 in penalties against an Ohio plastics […]

This post, HazCom: Understanding ‘Hazard Not Otherwise Classified’, first appeared on www.safetyandhealthmagazine.com. Responding is Robert Ernst, editor – workplace safety, J. J. Keller & Associates Inc., Neenah, WI. The revised Hazard Communication Standard (29 CFR 1910.1200) created a need to identify hazards not covered by the classes adopted from GHS or that OSHA did not adopt. So OSHA created the “Hazard Not Otherwise Classified” definition to cover health or physical hazards for which the standard […]