HIPAA Handbooks

  • Privacy and security training for new and seasoned staff
  • 11 staff/setting focus areas
  • Education on protecting PHI
  • New HITECH Act changes
  • Discounts on bulk purchases

More»

E-learning

  • Role-based training using real-life case scenarios
  • Test-your-knowledge exercises with remediation
  • Post-course test to document staff participation

More»

Other HIPAA Resources

  • Hot-topic audio conferences
  • Books on privacy and security
  • Newsletters
  • e-Newsletter
  • Videos


More»

chklist_paperDear healthcare professional,

Medical Records Briefing (MRB) is conducting its benchmarking survey on electronic health record implementation, and we would appreciate your input. Please take a few moments to complete this survey.

To show our thanks, we will select one respondent at random to win a complimentary HCPro webcast of his or her choice. To enter to win, please include your contact information at the end of the survey once you have answered the questions.

Read More→

Categories : EHRs
Comments (0)

Submit your HIPAA questions to Editoquestionr John Castelluccio at jcastelluccio@hcpro.com and we will work with our experts to provide the information you need.

Q: Is it considered a HIPAA violation for facilities and clinics to keep patient charts outside of exam rooms or at a patient’s bedside? Most providers prefer to have the charts handy to review just before seeing the patient; however, I am unsure of whether this would be an incidental disclosure, as anyone walking by could access the chart.

A: This practice is acceptable if you take steps to limit the amount of information available and limit those who have access. For example, a bedside chart should contain minimal information needed for that day’s care, such as an intake/output record, medication administration record, and nurses’ notes. The patient’s entire record should not be kept at the bedside for family members and visitors to access. Read More→

Categories : HIPAA privacy
Comments (0)

The National Cybersecurity Center of Excellence (NCCoE) is publishing a new series of guides to show healthcare professionals and organizations how to improve their cybersecurity measures to protect health information systems with standards-based, commercially available, or open-source tools.

The NCCoE released a draft version of the first guide in the series, “Securing Electronic Records on Mobile Devices,” July 23 for public comment. The step-by-step guide demonstrates how to use smartphones or tablets for patient care without spreading sensitive data across the digital stratosphere.

Read More→

Cyber criminals hacked into part of a computer network at UCLA Health System in California, compromising records of at least 4.5 million people, the university hospital system reported on Friday.

There is no evidence yet the hackers obtained access to or acquired individuals’ PHI, although the compromised areas of the network do contain names, addresses, birthdates, Social Security numbers, medical record numbers, Medicare or health plan numbers, and other medical information, according to a statement from UCLA Health.

The health system is working with the FBI and has also hired private computer forensic experts to secure information on network servers.

Read More→

Submit your HIPAA questions to Editoquestionr John Castelluccio at jcastelluccio@hcpro.com and we will work with our experts to provide the information you need.

Q: Do healthcare organizations need to log all documents before shredding? I have my staff log all documents that were scanned and indexed before they are placed in the bin for shredding. Once I receive the certificate of destruction, we match the log sheets with the certificate of destruction for documentation purposes. Once matched with our log sheets, the certificates of destruction are kept in log books. This is done with the anticipation of court appearance. I will need to produce policies and procedures for certificates of destruction.

Read More→

Categories : HIPAA Q&A
Comments (0)