Home
FAQ's
HIPAA links
Contact Us

Protecting the Privacy of Personal Health Information

 
 

Compliance & Enforcement

 

How to File a Health Information Privacy Complaint

Health Information Privacy Complaint Form [PDF]

Interim final rule: Civil Money Penalties: Procedures for Investigations, Imposition of Penalties, and Hearings [PDF]

 
 

GENERAL INFORMATION

 

The Privacy Rule

HIPAA Statute

The Security Rule

Identifier Standards

What is the Privacy Rule and why has HHS issued regulations?

Privacy Rule Summary [PDF]

HIPAA Glossary & Acronyms

 
 

SMALL PROVIDERS & BUSINESSES

 

HIPAA essentials outline

HIPAA Checklist

OCR Summary - HIPAA Privacy Rule

Frequently Asked Questions

Am I a covered entity?

Covered Entity Flowchart

 
 

HIPAA - Related Links

 

Centers for Medicare and Medicaid Services (CMS)

The Privacy Rule and Public Health (CDC)

The Privacy Rule and Research (NIH)

National Committee on Vital and Health Statistics (NCVHS)

Workgroup for Electronic Data Interchange

Portability of Health Coverage - Dept. of Labor

Full List of HIPAA-Related Links

 
 

For Consumers

 

Fact Sheet: Protecting the Privacy of Patients' Health Information

 

Security Standards for the Protection of Electronic Protected Health Information

 
 

Education Materials

 

Summary of HIPAA Privacy Rule

Guidance on Specific Aspects of the Privacy Rule

Am I a Covered Entity?

Your Frequently Asked Questions on Privacy

Sample Business Associate contract

The Privacy Rule and Research

Misleading Marketing on HIPAA Training

 
 

Current News and Information about HIPAA Compliance, Regulations and Violations

 

 

Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges

 

 

New York Presbyterian Hospital Settles OCR HIPAA Investigation - Mondaq News Alerts (registration)
- Thu, 28 Apr 2016 16:47:03 GMT

Status report: OCR's effort to guide HIPAA compliance in mobile health - Healthcare IT News
- Wed, 27 Apr 2016 15:25:01 GMT

Should 42 CFR, Part 2 Be Aligned With HIPAA? - OPEN MINDS (registration)
- Thu, 28 Apr 2016 03:16:24 GMT

Orthopedic Group Pays Big Fine for HIPAA Violation - Medscape
- Mon, 25 Apr 2016 12:30:59 GMT

Tronetti: HIPAA laws protect patients and medical staff - Florida Today
- Tue, 26 Apr 2016 13:32:43 GMT

New HIPAA Phase 2 Audits: Targets Notified by Email Only - JD Supra (press release)
- Thu, 28 Apr 2016 22:06:42 GMT

Leaks about Prince's death might be HIPAA violations - MedCity News
- Mon, 25 Apr 2016 21:45:07 GMT

NY Hospital Reaches $2.2M HIPAA Settlement - Campus Safety Magazine
- Tue, 26 Apr 2016 19:44:29 GMT

Cybersecurity and Employee Benefit Plan Fiduciary Duties: Going Beyond HIPAA - JD Supra (press release)
- Wed, 27 Apr 2016 16:25:12 GMT

Egenera Enhances HIPAA Compliance for Xterity Wholesale Managed Cloud Offering - Marketwired (press release)
- Wed, 27 Apr 2016 16:00:50 GMT

 

 

The Office of the National Coordinator for Health Information Technology

 

 

COVERED ENTITY CHARTS


Guidance on how to determine whether an entity is a covered entity under the Administrative Simplification provisions of HIPAA

 

 

HIPAA DEFINITIONS FOR ELECTRONIC PROTECTED HEALTH INFORMATION:

  • Encryption means the use of an algorithmic process to transform data into a form in which there is a low probability of assigning meaning without use of a confidential process or key.

  • Access means the ability or the means necessary to read, write, modify, or communicate data/information or otherwise use any system resource.

  • Authentication means the corroboration that a person is the one claimed.

  • Technical safeguards means the technology, policy and procedures for its use that protect electronic protected health information and control access to it.

  • Workstation means an electronic computing device, for example, a laptop or desktop computer, or any other device that performs similar functions, and electronic media stored in its immediate environment implement the implementation specifications.

  • Workforce clearance procedure
    (Addressable). Implement procedures to determine that the access of a workforce member to electronic protected health information is appropriate.

 

 

Are you a covered entity under HIPAA regulations?

 

The following is a simple test for determining whether or not you qualify as a provider and therefore must follow the HIPAA guidelines:

  • Does the person, business, or agency furnish bill, or receive payment for, health care in the normal course of business?

  • If the answer is yes, does the person, business, or agency conduct covered transactions? If yes, are any of the covered transactions transmitted in electronic form?

  • If the answer to this question is yes, the person, business, or agency is a covered health care provider and must comply with all HIPAA regulations

Click here for your free HIPAA checklist

 

 

FEATURED SOLUTION

 

SafetySend, Inc. is an inexpensive, but reliable solution to compliant messaging  product that integrates secure email, large file transfer and secure fax into one "easy to use" interface. If your organization is using compliance tools to handle Protected Health Information (PHI) are able to  keep electronic communications HIPAA and GLB compliant...without having to purchase software, hardware, computer upgrades or installation. The cost for a small organization is as low as $50 per month and can scale to even enterprise clients. For more information go to: www.safetysend.com

 

 

DEADLINES FOR HIPAA COMPLIANCE

 

 

 

 

 
 

Copyright 2003-2010 ©HIPAAnews.org All Rights Reserved.