HIPAA COMPLIANCE HELPHIPAA SURVIVAL GUIDEHIPAA PRIVACY RULEHIPAA SECURITY RULEHITECH ACT Expressoâ„¢ - The Risk Assessment Express helps you complete your first HIPAA Risk Assessment in as little as three hours. We give you a "leg up" by automating the NIST seven step risk assessment process. The pre-populated list of threats, vulnerabilities, and business impacts that come with Expressoâ„¢ provide a huge time-savings

advantage.

HIPAA STATE LAW

The basic tenets of this rule are that if state law is "contrary" to HIPAA, then the latter preempts and is controlling, but if state law is "more stringent" than HIPAA, then in essence the federal and state laws are complementary and both apply. Both "contrary" and "more stringent" are terms of art defined in Subpart B. HIPAA REGULATIONS 2018 Subpart C — Compliance and Enforcement. § 160.300 Applicability. § 160.302 § 160.304 Principles for achieving compliance. § 160.306 Complaints to the Secretary. § 160.308 Compliance reviews. § 160.310 Responsibilities of covered entities. § 160.312 Secretarial action regarding complaints and compliance

reviews.

45 CFR 162 - HIPAA SURVIVAL GUIDE Subpart I — General Provisions for Transactions. § 162.910 Maintenance of standards and adoption of modifications and new standards. (c) Process for modification of existing standards and adoption of new standards. (6) The ASC X12N 820- Payroll Deducted and

Other

HITECH ACT ACCOUNTING OF DISCLOSURES HITECH Act Accounting of Disclosures. Sec. 13405. Restrictions on Certain Disclosures and Sales of Health Information; Accounting of Certain Protected Health Information Disclosures; Access to Certain Information in Electronic Format. (a) Requested Restrictions on Certain Disclosures of Health Information .—In the case that an

individual

DEFINITIONS UNDER THE HIPAA PRIVACY RULE HIPAA §164.501 Definitions. As used in this subpart, the following terms have the following meanings: Correctional institution. means any penal or correctional facility, jail, reformatory, detention center, work farm, halfway house, or residential community program center operated by, or under contract to, the United States, a State, a territory, a political subdivision of a State or HIPAA COVERED HEALTH CARE PROVIDERHIPAA BETWEEN HEALTHCARE PROVIDERSHIPAA DESCRIPTION §162.402 Definitions. Covered health care provider. means a health care provider that meets the definition at paragraph (3) of the definition of "covered entity" at §160.103 of this subchapter. Download a FREE copy of the HIPAA Survival Guide 4th Edition.

HIPAA 164.526

HIPAA 164.526: Amendment of protected health information. §164.526 Amendment of protected health information. (a) Standard: Right to amend. (1) Right to amend. An individual has the right to have a covered entity amend protected health information or a record about the individual in a designated record set for as long as the protected health information is maintained in the designated record set. PROTECTED HEALTH INFORMATION DEFINITION Protected Health Information. means individually identifiable health information: (1) Except as provided in paragraph (2) of this definition, that is: (i) Transmitted by electronic media; (ii) Maintained in electronic media; or. (iii) Transmitted or maintained in any other form or medium. HIPAA DEFINITION OF BREACH HIPAA § 164.402 Definitions. As used in this subpart, the following terms have the following meanings: Breach. means the acquisition, access, use, or disclosure of protected health information in a manner not permitted under subpart E of this part which compromises HIPAA COMPLIANCE HELPHIPAA SURVIVAL GUIDEHIPAA PRIVACY RULEHIPAA SECURITY RULEHITECH ACT Expresso™ - The Risk Assessment Express helps you complete your first HIPAA Risk Assessment in as little as three hours. We give you a "leg up" by automating the NIST seven step risk assessment process. The pre-populated list of threats, vulnerabilities, and business impacts that come with Expresso™ provide a huge time-savings

advantage.

HIPAA STATE LAW

The basic tenets of this rule are that if state law is "contrary" to HIPAA, then the latter preempts and is controlling, but if state law is "more stringent" than HIPAA, then in essence the federal and state laws are complementary and both apply. Both "contrary" and "more stringent" are terms of art defined in Subpart B. HIPAA REGULATIONS 2018 Subpart C — Compliance and Enforcement. § 160.300 Applicability. § 160.302 § 160.304 Principles for achieving compliance. § 160.306 Complaints to the Secretary. § 160.308 Compliance reviews. § 160.310 Responsibilities of covered entities. § 160.312 Secretarial action regarding complaints and compliance

reviews.

45 CFR 162 - HIPAA SURVIVAL GUIDE Subpart I — General Provisions for Transactions. § 162.910 Maintenance of standards and adoption of modifications and new standards. (c) Process for modification of existing standards and adoption of new standards. (6) The ASC X12N 820- Payroll Deducted and

Other

HITECH ACT ACCOUNTING OF DISCLOSURES HITECH Act Accounting of Disclosures. Sec. 13405. Restrictions on Certain Disclosures and Sales of Health Information; Accounting of Certain Protected Health Information Disclosures; Access to Certain Information in Electronic Format. (a) Requested Restrictions on Certain Disclosures of Health Information .—In the case that an

individual

DEFINITIONS UNDER THE HIPAA PRIVACY RULE HIPAA §164.501 Definitions. As used in this subpart, the following terms have the following meanings: Correctional institution. means any penal or correctional facility, jail, reformatory, detention center, work farm, halfway house, or residential community program center operated by, or under contract to, the United States, a State, a territory, a political subdivision of a State or HIPAA COVERED HEALTH CARE PROVIDERHIPAA BETWEEN HEALTHCARE PROVIDERSHIPAA DESCRIPTION §162.402 Definitions. Covered health care provider. means a health care provider that meets the definition at paragraph (3) of the definition of "covered entity" at §160.103 of this subchapter. Download a FREE copy of the HIPAA Survival Guide 4th Edition.

HIPAA 164.526

HIPAA 164.526: Amendment of protected health information. §164.526 Amendment of protected health information. (a) Standard: Right to amend. (1) Right to amend. An individual has the right to have a covered entity amend protected health information or a record about the individual in a designated record set for as long as the protected health information is maintained in the designated record set. PROTECTED HEALTH INFORMATION DEFINITION Protected Health Information. means individually identifiable health information: (1) Except as provided in paragraph (2) of this definition, that is: (i) Transmitted by electronic media; (ii) Maintained in electronic media; or. (iii) Transmitted or maintained in any other form or medium. HIPAA DEFINITION OF BREACH HIPAA § 164.402 Definitions. As used in this subpart, the following terms have the following meanings: Breach. means the acquisition, access, use, or disclosure of protected health information in a manner not permitted under subpart E of this part which compromises

HIPAA RULES

A Brief Background on the HIPAA Rules and the HITECH Act. The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. The Act is massive in scope with five separate Titles. Title II of HIPAA, known as the Administrative Simplification provisions, requires the establishment of national standards for electronic health care transactions and national HOME PAGE - HSG STORE Our Subscription Plan is a 360-degree comprehensive, systematic, transformative, and coherent HIPAA analysis and remediation offering. In addition to Expresso ®, the Risk Assessment Express, our Subscription Plan comes bundled with dozens of products and the high touch consultative services required to complete your Risk Assessment and Remediation initiatives.

HIPAA COMPLIANCE

The HIPAA Survival Guide is not intended to be read in one sitting. We recommend that you proceed in manageable chunks. While the intent was to provide practical advice, building the map required covering significant terrain. HIPAA compliance is a serious matter, but for the sake of our own sanity (and yours) we attempted to interject a little

HIPAA OMNIBUS RULE

By Carols Leyva Published: February 3, 2013. HIPAA Omnibus Rule Summary. I have argued before that the HHS HIPAA Omnibus Rule ("the Rule") is neither a "Tweak" nor "Sweeping Reform."There is far too much substantive law included in the HIPAA Omnibus Rule for it TRAINING - HSG STORE Our training products help you get your staff up to speed quickly and effectively. There is simply nothing more mission-critical than getting you and your staff adequately trained with respect to the HIPAA regulatory requirements. In 2018 we introduced with Micro Learning training with Concept Shorts which consist of training modules based on various content topics lasting about 15 minutes.

HITECH ACT SUMMARY

THE HITECH ACT. The Health Information Technology for Economic and Clinical Health Act (HITECH Act or "The Act") is part of the American Recovery and Reinvestment Act of 2009 (ARRA).ARRA contains incentives related to health care information technology in general (e.g. creation of a national health care infrastructure) and contains specific incentives designed to accelerate the adoption of HIPAA ADMINISTRATIVE REQUIREMENTS A covered entity must: (i) Maintain the policies and procedures provided for in paragraph (i) of this section in written or electronic form; (ii) If a communication is required by this subpart to be in writing, maintain such writing, or an electronic copy, as documentation; and. (iii) If an action, activity, or designation is

required by this

HIPAA AUTHORIZATION

§164.508 Uses and disclosures for which an authorization is required. (a) Standard: Authorizations for uses and disclosures-- (1) Authorization required: General rule. Except as otherwise permitted or required by this subchapter, a covered entity may not use or disclose protected health information without an authorization that is valid

under this section.

HIPAA REFRAINING FROM INTIMIDATION OR RETALIATION §160.316 Refraining from intimidation or retaliation. A covered entity or business associate may not threaten, intimidate, coerce, harass, discriminate against, or take any other retaliatory action against any individual or other person for— BREACH NOTIFICATION FRAMEWORK Digital Download $229.95 Omnibus Rule Readyâ„¢ Why do you need a Breach Notification Framework? Look at the Decision Points Flowchart for the answer to that question. Section 13402 of the HITECH Act requires that HIPAA covered entities and their business associates provide various notifications following a breach of unsecured protected health information. GET HELP WITH HIPAA COMPLIANCE HIPAA RISK ASSESSMENT

Need

assistance getting through a HIPAA Risk Assessment? Expressoâ„¢ - The Risk Assessment Express

helps you

complete your first HIPAA Risk Assessment in as little as three hours. We give you a "leg up" by automating the NIST seven step risk assessment process. The pre-populated list of threats, vulnerabilities, and business impacts that come with Expressoâ„¢ provide a huge time-savings advantage. Best of all, Expressoâ„¢ is fully customizable to fit your organization's HIPAA Compliance Program. Watch the Expressoâ„¢ Demo Video

to find out more...

HIPAA REGULATIONS

Our

HIPAA Regulations

have super-handy contextual linking and are always kept up to date. Use the HIPAA Definitions

Index to

help you find things quickly.

HITECH ACT TEXT

The HITECH ACT

made a lasting

impact on both the HIPAA Privacy Rule

and HIPAA

Security Rule

. Read our

HITECH ACT Summary

or browse

the HITECH Act text

.

MORE HIPAA COMPLIANCE TOOLS AND RESOURCES HIPAA SURVIVAL GUIDE

The HIPAA

Survival Guide

assists you

with a "forest from the trees" overview of the HIPAA Privacy Rule

, HIPAA

Security Rule

and a

general overview of the HITECH Act

as it

pertains to these Rules. (Versions: Online

and PDF

)

TRY A MODULE FOR FREE!

Curious?

Try a product on the house and see the quality for yourself. Get our Breach Notification Training

module FREE

(a $49.95 value) when you Sign-Up for our HIPAA compliance newsletter

.

HIPAA BREACH NOTIFICATION

Our

HIPAA Breach Notification Framework includes a HIPAA Breach Notification Policy Sample

,

a HIPAA Breach Notification Letter Sample

,

and a HIPAA Breach Notification Decision Tree

.

HIPAA BUSINESS ASSOCIATE AGREEMENT

For

most small practices and businesses this agreement is a 'right out of the box solution'. Just fill in the blanks on the Business Associate

Agreement Template

,

print it out and you are ready to go. HIPAA AUDIT PREPARATION Be prepared with our HIPAA Audit Training Suite (with modules for general audit

,

Security Rule Audit

,

Privacy Rule Audit

and Breach Notification Audit

)

HIPAA AUDIT CHECKLISTS

Each

of our checklist (Privacy Rule Checklist

;

Security Rule Checklist

;

Cloud, Social Media & Mobile Checklist

)

items contain policy statements, processes that underpin each policy and suggested tracking mechanisms to help capture each process

results.

GET IT ALL & SAVE BIG!

Our Annual

Subscription Plan

gives you

access to all of our compliance checklists, model policies, frameworks, business associate agreements, training and, best of all, Expressoâ„¢. YOU WON'T FIND A BETTER VALUE ON THE MARKET TODAY! HIPAA COMPLIANCE VIDEOS

Carlos

Leyva's videos take a deep dive into HIPAA Risk Mitigation

, Agile Compliance

, Breach Notifications , Attacking the Privacy Rule , Attacking the

Security Rule and

more...

AGILE COMPLIANCE

Our HIPAA Agile Compliance Module helps you start executing a great compliance narrative on day one. We provide supporting "Tracks and Chunks" (i.e. mini-projects plans) to jumpstart your HIPAA Compliance Program.

HSG'S AUTHORS

Carlos Leyva

: Internet Lawyer

. Attorney with broad experience servicing the intersection of technology and regulatory

compliance.

Deborah Leyva

is a Registered

Nurse with extensive experience in healthcare, technology and

law/policy.

TOP HEALTHCARE BLOGS

Stay up

to date with out list of Top Healthcare Blogs

.

HSG'S COMMUNITY

Facebook

LinkedIn

Twitter

YouTube

SoundCloud

Carlos Leyva's Blog

Deborah Leyva's Blog Our Newsletter Archive © 2009-2017 3Lions Publishing, Inc.