Aris Medical Solutions Blogs

Keeping you informed and prepared

HIPAA Compliance Officer Responsibilities

Most practices cannot afford to hire a HIPAA Compliance Officer. So, practice owners often assign their Office Manager or their Practice Administrator for the HIPAA Compliance Officer Responsibilities. Since they are not trained as a Compliance Officer, many times, HIPAA...
Read More

Patient Right of Access – what does this really mean?

Patients’ right of access has extreme consequences if they are not handled properly. It starts the moment a patient makes this request. HIPAA prohibits unreasonable measures when patients request access to their medical records. Most practices think this request MUST...
Read More

The OCR and FTC are investigating online tracking technologies

We wrote about this back in December 2022, but the Office for Civil Rights (OCR) and the Federal Trade Commission (FTC) has added an additional warning. The OCR has confirmed its active investigations nationwide to ensure compliance with HIPAA. The...
Read More

Business Associate fined for a data breach UNDER 500 patient records

Most of us are familiar with fines for data breaches of over 500 patient records. This time a business associate was fined $75K for 267 records. Covered entities are responsibility to vet their business associates. This includes making sure they...
Read More

Could terminating an employee trigger an OCR investigation?

We have been asked this several times, so we decided to write a notification about this subject. When it is time to terminate an employee, it is never easy. Whether they are a short- or long-term employee, it can be...
Read More

OCR announces the formation of a new Enforcement Division

Is more HIPAA Enforcement on the way? The U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced the formation of a new Enforcement Division, Policy Division, and Strategic Planning Division. The newly established...
Read More

HIPAA Audits and Penalties have been requested to increase in 2023

The Department of Health and Human Services (HHS) delivered their annual report to congress and noted there have been significant increases in HIPAA complaints and large breaches. They also noted that there have not been increases in appropriations during the...
Read More

Right of Access – Time limit on Medical Records Requests

When a patient or a patient’s representative requests a copy of medical records it is very important to act promptly. Currently you have 30 days to comply with this request, and one 30-day extension (if you advise the patient/representative that...
Read More

HIPAA 2022-2023 Proposed Changes

Happy New Year! As we look back on 2022, we noticed that the Office for Civil Rights (OCR) has really started enforcing the Patients Right of Access. To see a list of fines and resolutions agreements, check out our What...
Read More

Scammers never sleep

Scammers are always busy trying different tactics to get to your wallet. During holidays is no different. Bad actors use the holidays and people’s goodwill to fool them into giving. Be careful of offers that are too good to be...
Read More

OCR issues Bulletin with HIPAA Requirements for Online Tracking

The Office for Civil Rights (OCR) has issued a bulletin to remind covered entities and business associates of their obligations under HIPAA when using online tracking technology. These technologies include but are not limited to Google Analytics, Meta Pixel, Cookies,...
Read More

Can a Medical Practitioner be sued for a HIPAA Violation or a Data Breach?

With so many data breaches in the news many medical practitioners are asking if they can be sued over HIPAA violations or from a data breach. HIPAA rules state there is no private right of action, therefore, a patient cannot...
Read More

Can a medical provider accept cash payments when a patient has insurance?

The Omnibus rule, also known as the “Final” rule changed HIPAA in many ways. It gave HIPAA teeth and included business associates as being liable under the HIPAA rules. I thought most medical providers had been made aware of the...
Read More

Healthcare Cyber-Attacks on the Rise

It is no secret that patient data is valuable on the black market. Cyber criminals will try many different methods to gain access to this data. The Office for Civil Rights (OCR) stated in their Cybersecurity Newsletter that there has...
Read More

HIPAA and Emergencies – How to Respond

First, I hope that all of you and your loved ones are safe. Fiona and Ian have affected many places, and many have suffered so much. Prayers for all… HIPAA Applies Only to Covered Entities and Business Associates The HIPAA...
Read More

HIPAA Privacy Facts for Medical Offices

There has been some confusion about when and how to share patient information. I thought it might be a good time to review some of the facts from the HIPAA Privacy and Security Rules. Here are some highlights: The Privacy...
Read More

HIPAA changes and updates for 2022-2023

Since HIPAA’s inception there have been several updates over the years. As technology changes, so must some the of HIPAA rules. We have not seen any major changes since 2013 when the Omnibus Rule gave HIPAA teeth and enforcement became...
Read More

Data Breaches in Healthcare are Increasing

Since 2015 the number of data breaches in healthcare has steadily been rising. This includes medical offices, health plans, and business associates. These breaches range from unauthorized access, loss, theft, but mostly from hacking. Hacking was determined to be from...
Read More

Why it is so important to secure emails that contain PHI

We have advised our clients for years to only transmit protected health information (PHI) if it is encrypted. We have also recommended encryption for the data at rest. With the rise of hacking, this is never more important. There are...
Read More

What does “Recognized Security Practices” mean?

We have talked in the past about the Office for Civil Rights conducting a minimum of a 12 month look back for data security/ HIPAA compliance efforts. If an organization suffers a breach, with proper documentation fines may be waived. This...
Read More
1 2 3 6
©2023 Aris Medical Solutions – HIPAA Risk Management | HIPAA Compliance Consultants | All Rights Reserved | Terms and Conditions | Privacy Policy
The content and images on this website is owned by Aris Medical Solutions and their owners. Do not copy any content or images without our consent.
Powered by Bandwise LLC
error: Content is protected !!