Home
FAQ's
HIPAA links
Contact Us

Protecting the Privacy of Personal Health Information

 
 

Compliance & Enforcement

 

How to File a Health Information Privacy Complaint

Health Information Privacy Complaint Form [PDF]

Interim final rule: Civil Money Penalties: Procedures for Investigations, Imposition of Penalties, and Hearings [PDF]

 
 

GENERAL INFORMATION

 

The Privacy Rule

HIPAA Statute

The Security Rule

Identifier Standards

What is the Privacy Rule and why has HHS issued regulations?

Privacy Rule Summary [PDF]

HIPAA Glossary & Acronyms

 
 

SMALL PROVIDERS & BUSINESSES

 

HIPAA essentials outline

HIPAA Checklist

OCR Summary - HIPAA Privacy Rule

Frequently Asked Questions

Am I a covered entity?

Covered Entity Flowchart

 
 

HIPAA - Related Links

 

Centers for Medicare and Medicaid Services (CMS)

The Privacy Rule and Public Health (CDC)

The Privacy Rule and Research (NIH)

National Committee on Vital and Health Statistics (NCVHS)

Workgroup for Electronic Data Interchange

Portability of Health Coverage - Dept. of Labor

Full List of HIPAA-Related Links

 
 

For Consumers

 

Fact Sheet: Protecting the Privacy of Patients' Health Information

 

Security Standards for the Protection of Electronic Protected Health Information

 
 

Education Materials

 

Summary of HIPAA Privacy Rule

Guidance on Specific Aspects of the Privacy Rule

Am I a Covered Entity?

Your Frequently Asked Questions on Privacy

Sample Business Associate contract

The Privacy Rule and Research

Misleading Marketing on HIPAA Training

 
 

Current News and Information about HIPAA Compliance, Regulations and Violations

 

 

Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges

 

 

Blockchain, HIPAA Regulation Lead Top 10 Stories of 2018 - HealthITSecurity.com
HealthITSecurity.com - Mon, 17 Dec 2018 18:19:00 GMT

Why is HIPAA necessary? - Foreign Policy 2018
Foreign Policy 2018 - Tue, 18 Dec 2018 09:15:00 GMT

OCR Seeks Ideas on HIPAA Rule Changes to Promote Value-Based Care and Coordinated Care - JD Supra
JD Supra - Mon, 17 Dec 2018 21:44:16 GMT

HHS, OCR Seek Industry Feedback on HIPAA Update for Data Sharing - HealthITSecurity.com
HealthITSecurity.com - Wed, 12 Dec 2018 16:16:00 GMT

HHS seeks input on HIPAA changes - Becker's Hospital Review
Becker's Hospital Review - Thu, 13 Dec 2018 19:42:40 GMT

HHS HIPAA Settlements For Data Breaches in CO FL - The National Law Review
The National Law Review - Mon, 17 Dec 2018 04:19:00 GMT

OCR Settles with Colorado Provider for $111,000 over HIPAA Failures - HealthITSecurity.com
HealthITSecurity.com - Tue, 11 Dec 2018 20:46:00 GMT

Why HIPAA laws are causing concerns among parents - WBRC
WBRC - Thu, 13 Dec 2018 04:41:15 GMT

Helping HIPAA Compliance and Vendor Management - hcanews.com
hcanews.com - Fri, 30 Nov 2018 08:00:00 GMT

Make Sure You're HIPAA Compliant Before You Have to Prove It - hcanews.com
hcanews.com - Wed, 21 Nov 2018 08:00:00 GMT

HHS Wants Comments on HIPAA Changes - Occupational Health and Safety
Occupational Health and Safety - Fri, 14 Dec 2018 08:38:13 GMT

Colorado hospital to pay $111K HIPAA settlement - Becker's Hospital Review
Becker's Hospital Review - Wed, 12 Dec 2018 15:24:50 GMT

OCR Fines Florida Physicians Group $500,000 for HIPAA Failures - HealthITSecurity.com
HealthITSecurity.com - Tue, 04 Dec 2018 08:00:00 GMT

Allergy Associates Settles with OCR for $125K over HIPAA Violation - HealthITSecurity.com
HealthITSecurity.com - Mon, 26 Nov 2018 08:00:00 GMT

OCR and Florida Physicians Settle HIPAA Violations - The National Law Review
The National Law Review - Tue, 11 Dec 2018 15:30:38 GMT

Momentum is building to take a fresh look at HIPAA - Health Data Management
Health Data Management - Fri, 07 Dec 2018 08:00:00 GMT

OCR Seeks HIPAA Comments On Coordinated Care - Privacy Protection - United States - Mondaq News Alerts
Mondaq News Alerts - Mon, 17 Dec 2018 10:09:29 GMT

Biggest HIPAA violations of 2018 - MD Linx
MD Linx - Thu, 29 Nov 2018 08:00:00 GMT

AHIMA, AMIA Call for HIPAA Upgrade to Support Patient Access - HealthITSecurity.com
HealthITSecurity.com - Wed, 05 Dec 2018 08:00:00 GMT

HIPAA Penalties For Failure To Cut Off Access To Former Employee - Food, Drugs, Healthcare, Life Sciences - United States - Mondaq News Alerts
Mondaq News Alerts - Mon, 17 Dec 2018 22:45:41 GMT

What Does HIPAA Mean for New Health Tech? - hcanews.com
hcanews.com - Mon, 19 Nov 2018 08:00:00 GMT

AHIMA, AMIA: HIPAA Overhaul Needed for Patient Data Access - PatientEngagementHIT.com
PatientEngagementHIT.com - Thu, 06 Dec 2018 08:00:00 GMT

HIPAA Security Incident - PRNewswire
PRNewswire - Mon, 19 Nov 2018 08:00:00 GMT

1,350 Butler County employees affected by HIPAA breach - Hamilton Journal News
Hamilton Journal News - Thu, 06 Dec 2018 16:55:09 GMT

Best Practices for HIPAA Compliance in a Containerized Environment - Container Journal
Container Journal - Thu, 29 Nov 2018 08:00:00 GMT

HHS Requests Feedback on HIPAA Changes Designed to Improve Care Coordination - Lexology
Lexology - Sat, 15 Dec 2018 06:35:46 GMT

TV Interview Costs Connecticut Physicians $125K for HIPAA Infractions - HealthLeaders Media
HealthLeaders Media - Tue, 27 Nov 2018 08:00:00 GMT

Protecting Patient Information: The Importance of a Business Associate Agreement Under HIPAA - Lexology
Lexology - Sat, 15 Dec 2018 08:22:47 GMT

$500K HIPAA Mistake For Florida Healthcare Company - Food, Drugs, Healthcare, Life Sciences - United States - Mondaq News Alerts
Mondaq News Alerts - Tue, 11 Dec 2018 05:46:38 GMT

HIPAA Summary for Patients - Explosion
Explosion - Mon, 17 Dec 2018 11:42:34 GMT

12 AGs sue medical records company for HIPAA data breach - BenefitsPro
BenefitsPro - Thu, 06 Dec 2018 08:00:00 GMT

Hospitalist practice gets $500K fine for HIPAA violations - Health Data Management
Health Data Management - Wed, 05 Dec 2018 22:11:34 GMT

Missing BAA Results in $500,000 HIPAA Settlement | Saul Ewing Arnstein & Lehr LLP - JD Supra
JD Supra - Tue, 11 Dec 2018 20:15:16 GMT

AMIA, AHIMA Call for HIPAA Modernization to Support Patient Access - Healthcare Informatics
Healthcare Informatics - Fri, 07 Dec 2018 08:00:00 GMT

Credit Card System Hack Led to HIPAA Breach Report - BankInfoSecurity.com
BankInfoSecurity.com - Mon, 10 Dec 2018 20:40:01 GMT

$500K HIPAA Mistake for Florida Healthcare Company - Lexology
Lexology - Wed, 05 Dec 2018 08:00:00 GMT

FileCloud Announces HIPAA Supported File Sharing for Global Healthcare Sector - Business Wire
Business Wire - Thu, 13 Dec 2018 12:00:00 GMT

Medcurity: Helping with HIPAA - Spokane Journal of Business
Spokane Journal of Business - Thu, 06 Dec 2018 08:00:00 GMT

Where Is the HIPAA Right to Defend One’s Self? - JD Supra
JD Supra - Wed, 28 Nov 2018 08:00:00 GMT

OMB Seeks to Ease HIPAA Burdens on Health Care Providers - The National Law Review
The National Law Review - Tue, 20 Nov 2018 21:57:07 GMT

Physician Practice Roundup—Doctor's TV interview results in $125K HIPAA fine for practice - FierceHealthcare
FierceHealthcare - Thu, 29 Nov 2018 08:00:00 GMT

Physician's Response to a Public Patient Complaint Leads to Penalty under HIPAA - JD Supra
JD Supra - Mon, 10 Dec 2018 20:11:44 GMT

Failure To Enter Into BAA Leads To HIPAA Settlement - The National Law Review
The National Law Review - Mon, 10 Dec 2018 21:53:40 GMT

Effort to modernize HIPAA focuses on easier patient data access - Health Data Management
Health Data Management - Thu, 06 Dec 2018 12:22:57 GMT

HIPAA Business Associates … How Do I Know Thee? - Lexology
Lexology - Mon, 19 Nov 2018 08:00:00 GMT

Here is Your Opportunity to Tell HHS How to Improve HIPAA - Lexology
Lexology - Thu, 13 Dec 2018 10:59:27 GMT

Rutledge files complaint against health record company for HIPAA violations - Newton County Times
Newton County Times - Fri, 07 Dec 2018 21:22:00 GMT

Amendments to data breach notification law in Colorado impact HIPAA-regulated entities - Denver Business Journal
Denver Business Journal - Thu, 29 Nov 2018 08:00:00 GMT

Physician TV Interview Incurs $125,000 HIPAA Fine | Poyner Spruill LLP - JD Supra
JD Supra - Wed, 05 Dec 2018 21:18:42 GMT

Public Information is Still Protected by HIPAA | Holland & Knight LLP - JD Supra
JD Supra - Thu, 29 Nov 2018 08:00:00 GMT

Cavern Technologies Achieves PCI and HIPAA Certifications - Virtual-Strategy Magazine
Virtual-Strategy Magazine - Mon, 10 Dec 2018 15:23:00 GMT

CMS to Seek Feedback on Reducing HIPAA Burdens - JD Supra
JD Supra - Wed, 21 Nov 2018 08:00:00 GMT

Amazon confirms plan to sell a HIPAA eligible software, Amazon Comprehend Medical, which will mine medical records of the patients - Packt Hub
Packt Hub - Wed, 28 Nov 2018 08:00:00 GMT

Iron-Clad HIPAA, EULAs; But Can a Dispute Put Patient Data at Risk? - HealthITSecurity.com
HealthITSecurity.com - Mon, 03 Dec 2018 08:00:00 GMT

YouTube, A&E Get 'Frivolous' Health Privacy Claim Dismissed - Bloomberg Law
Bloomberg Law - Tue, 11 Dec 2018 20:37:30 GMT

HIPAA Complaints Reveal Public Concern About All Types of Organizations – Not Just Healthcare - EIN News
EIN News - Mon, 03 Dec 2018 15:15:07 GMT

Immuta Releases Playbook for HIPAA-Compliant AI - AiThority
AiThority - Sat, 24 Nov 2018 08:00:00 GMT

Indiana medical company hit with first multistate HIPAA lawsuit: 7 things to know - Becker's Hospital Review
Becker's Hospital Review - Tue, 04 Dec 2018 08:00:00 GMT

First Joint Cross-State HIPAA Breach Lawsuit Brought in Response to 2015 Cyberattack - JD Supra
JD Supra - Fri, 14 Dec 2018 23:18:34 GMT

“Expensive News”: Medical Practice Enters Into $125000 HIPAA Settlement For Sharing PHI With a Reporter - JD Supra
JD Supra - Tue, 04 Dec 2018 08:00:00 GMT

Attorneys General File First HIPAA Related Data Breach Suit - JD Supra
JD Supra - Thu, 13 Dec 2018 20:01:43 GMT

OCR Hits Advanced Care Hospitalists with $500000 Fine for HIPAA Violations - Lexology
Lexology - Wed, 12 Dec 2018 14:03:45 GMT

AccuZIP Again Achieves SOC 2 Type I, HIPAA and HITECH Compliance Certifications - Press Release - Digital Journal
Digital Journal - Tue, 11 Dec 2018 02:41:40 GMT

Preserving Clinician Discretion Under Health Privacy Regulation - The Regulatory Review
The Regulatory Review - Tue, 11 Dec 2018 06:08:41 GMT

Adam Greene on HIPAA and the HITECH Act [Podcast] - Lexology
Lexology - Thu, 29 Nov 2018 08:00:00 GMT

Closing the Health Information Privacy Divide - C&M Health Law
C&M Health Law - Tue, 20 Nov 2018 08:00:00 GMT

Fuse Networks LLC Chooses Compliancy Group to achieve HIPAA Compliance - PR Web
PR Web - Mon, 10 Dec 2018 16:03:22 GMT

Colorado Hospital Pays $111400 HIPAA Settlement For Failing To Stop Former Employee From Having Access To Patient Protected Health Information - JD Supra
JD Supra - Wed, 12 Dec 2018 19:42:42 GMT

The Threat From Within: Most Breaches Due to Employee Errors - Renal and Urology News
Renal and Urology News - Fri, 14 Dec 2018 14:57:56 GMT

Using secure messaging to reduce appointment no-shows and improve dental patient experience - Dentistry IQ
Dentistry IQ - Mon, 17 Dec 2018 20:40:06 GMT

Twelve States File First Multistate Healthcare Data Breach Lawsuit - Healthcare Informatics
Healthcare Informatics - Wed, 05 Dec 2018 08:00:00 GMT

HIPAA Compliance Officer Job in Fort Leonard Wood, Missouri - Department of the Army - LemonWire
LemonWire - Sun, 09 Dec 2018 12:18:48 GMT

Dental Breach Notification Sparked by EMR Vendor Refusal - HealthITSecurity.com
HealthITSecurity.com - Tue, 27 Nov 2018 08:00:00 GMT

Carolina Innovative Research Re-affirms Commitment to HIPAA Compliance thanks to Compliancy Group – All - All News Stories
All News Stories - Wed, 28 Nov 2018 11:00:00 GMT

Employer liability and the legal consequences of violating patient data privacy - MedCity News
MedCity News - Mon, 26 Nov 2018 08:00:00 GMT

Can law enforcement access patient information? Sometimes - MassLive.com
MassLive.com - Tue, 11 Dec 2018 12:11:00 GMT

Security Manual Template, 2018 Edition - California Consumer Privacy Act - 2018 / GDPR / ISO / HIPAA / SOX / CobiT / FIPS Compliant - ResearchAndMarkets.com - Associated Press
Associated Press - Fri, 07 Dec 2018 15:12:00 GMT

Eye Center in California Switches EHR Vendor Following Ransomware Incident - Healthcare Informatics
Healthcare Informatics - Tue, 11 Dec 2018 22:35:55 GMT

AWS makes Translate, Transcribe, and Comprehend services HIPAA compliant - Inventiva
Inventiva - Thu, 08 Nov 2018 08:00:00 GMT

Voluntary code of conduct developed by more than 60 industry stakeholders can help facilitate health data exchange with entities not covered by HIPAA - PRNewswire
PRNewswire - Tue, 27 Nov 2018 08:00:00 GMT

MedPro Partners With PCIHIPAA To Offer Compliance Services to Healthcare Providers - EIN News
EIN News - Thu, 06 Dec 2018 08:00:00 GMT

ABC news affiliate finds leaked PHI from U of Kentucky HealthCare - Becker's Hospital Review
Becker's Hospital Review - Mon, 26 Nov 2018 08:00:00 GMT

HHS Asks For Input On HIPAA Changes To Push Coordinated Care - Inside Health Policy
Inside Health Policy - Thu, 13 Dec 2018 00:27:09 GMT

Data denied: Despite laws, patients unable to obtain medical records - Times Herald-Record
Times Herald-Record - Tue, 18 Dec 2018 07:56:41 GMT

FDA Guidance On Post-Complete Response Letter Meetings Between FDA And ANDA Applicants Under GDUFA - Food, Drugs, Healthcare, Life Sciences - United States - Mondaq News Alerts
Mondaq News Alerts - Mon, 17 Dec 2018 14:15:00 GMT

HIPAA-Compliant Email and Messaging: The Benefits of a Multipronged Approach - HealthTech Magazine
HealthTech Magazine - Wed, 12 Sep 2018 07:00:00 GMT

HIPAA update inches closer to reality - Healthcare IT News
Healthcare IT News - Thu, 15 Nov 2018 08:00:00 GMT

HIPAA and data sharing: Rethinking both for the Digital Age - Healthcare IT News
Healthcare IT News - Wed, 10 Oct 2018 07:00:00 GMT

Why there are no good alternatives to holding data hostage - Health Data Management
Health Data Management - Wed, 12 Dec 2018 22:15:38 GMT

Ransomware Attack Impacts 16,000 Patients in Georgia - HealthITSecurity.com
HealthITSecurity.com - Fri, 14 Dec 2018 13:53:00 GMT

The Promises (and Problems) of Real World Data - Mass Device
Mass Device - Mon, 26 Nov 2018 08:00:00 GMT

Anthem's $16M HIPAA settlement largest in history - Becker's Hospital Review
Becker's Hospital Review - Tue, 16 Oct 2018 07:00:00 GMT

Top 10 HIPAA violations, and how to avoid them - MD Linx
MD Linx - Tue, 09 Oct 2018 07:00:00 GMT

How Does HIPAA Apply to Wearable Health Technology? - HealthITSecurity.com
HealthITSecurity.com - Tue, 24 Jul 2018 07:00:00 GMT

HIPAA lets providers text patients, but is it secure? - MobiHealthNews
MobiHealthNews - Wed, 17 Oct 2018 07:00:00 GMT

HIPAA Compliance Refresher for Business Owners - HomeCare
HomeCare - Tue, 05 Jun 2018 07:00:00 GMT

Epiphany Healthcare Secures Email Communications for Regulated Patient Data with Egress Software - Business Wire
Business Wire - Tue, 04 Dec 2018 08:00:00 GMT

Hospitals Fail at HIPAA Compliance Re Medical Records Requests - HealthITSecurity.com
HealthITSecurity.com - Tue, 09 Oct 2018 07:00:00 GMT

Column: Changes may be on the horizon for HIPAA - Buffalo Business First - Buffalo Business First
Buffalo Business First - Tue, 14 Aug 2018 07:00:00 GMT

MA Physician Gets 1-Year Probation for Criminal HIPAA Violation - HealthITSecurity.com
HealthITSecurity.com - Fri, 21 Sep 2018 07:00:00 GMT

 

 

The Office of the National Coordinator for Health Information Technology

 

 

COVERED ENTITY CHARTS


Guidance on how to determine whether an entity is a covered entity under the Administrative Simplification provisions of HIPAA

 

 

HIPAA DEFINITIONS FOR ELECTRONIC PROTECTED HEALTH INFORMATION:

  • Encryption means the use of an algorithmic process to transform data into a form in which there is a low probability of assigning meaning without use of a confidential process or key.

  • Access means the ability or the means necessary to read, write, modify, or communicate data/information or otherwise use any system resource.

  • Authentication means the corroboration that a person is the one claimed.

  • Technical safeguards means the technology, policy and procedures for its use that protect electronic protected health information and control access to it.

  • Workstation means an electronic computing device, for example, a laptop or desktop computer, or any other device that performs similar functions, and electronic media stored in its immediate environment implement the implementation specifications.

  • Workforce clearance procedure
    (Addressable). Implement procedures to determine that the access of a workforce member to electronic protected health information is appropriate.

 

 

Are you a covered entity under HIPAA regulations?

 

The following is a simple test for determining whether or not you qualify as a provider and therefore must follow the HIPAA guidelines:

  • Does the person, business, or agency furnish bill, or receive payment for, health care in the normal course of business?

  • If the answer is yes, does the person, business, or agency conduct covered transactions? If yes, are any of the covered transactions transmitted in electronic form?

  • If the answer to this question is yes, the person, business, or agency is a covered health care provider and must comply with all HIPAA regulations

Click here for your free HIPAA checklist

 

 

FEATURED SOLUTION

 

SafetySend, Inc. is an inexpensive, but reliable solution to compliant messaging  product that integrates secure email, large file transfer and secure fax into one "easy to use" interface. If your organization is using compliance tools to handle Protected Health Information (PHI) are able to  keep electronic communications HIPAA and GLB compliant...without having to purchase software, hardware, computer upgrades or installation. The cost for a small organization is as low as $50 per month and can scale to even enterprise clients. For more information go to: www.safetysend.com

 

 

DEADLINES FOR HIPAA COMPLIANCE

 

 

 

 

 
 

Copyright 2003-2010 ©HIPAAnews.org All Rights Reserved.