HIPAA Handbooks

  • Privacy and security training for new and seasoned staff
  • 11 staff/setting focus areas
  • Education on protecting PHI
  • New HITECH Act changes
  • Discounts on bulk purchases



  • Role-based training using real-life case scenarios
  • Test-your-knowledge exercises with remediation
  • Post-course test to document staff participation


Other HIPAA Resources

  • Hot-topic audio conferences
  • Books on privacy and security
  • Newsletters
  • e-Newsletter
  • Videos



Will you change your notice of privacy practices?

Email This Post Print This Post

Have any covered entities considered changing their current notice of privacy practices to cover the new rights patients will have under HITECH?

Melanie A. Gomez, HRM, CHC
Director of Corporate Compliance and Risk Management-HIPAA Privacy Officer
CareMore Medical Enterprises

Categories : HIPAA Talk


  1. Dom Nicastro says:

    Interested to see the response in this one. It raises a really good point.

    I also wonder when HHS will release the guidelines around accounting of disclosures.

  2. HIPAA Chick (Tweet) says:

    Negative. At that point, the nurse is not a workforce member, but a family member. Would a family member be allowed to walk in off the street and access their family member’s PHI? No.
    A line is drawn. In order to have access to another’s PHI, it must be either for TPO or an authorization filed in the medical record. Since the nurse is not involved in the patient’s care, her role based PHI access does not allow for her to view the records. Even if there is an authorization in the patient’s record, we wouldn’t just hand over the record to a family member, the request for PHI should be routed through ROI.

  3. Emilie Rayman says:

    Yes, we have revised our “notice of privacy practices”, but we are in California and are also under SB 541 and AB 211.

  4. Katherine Maddox, RHIA, CHC says:

    I’m in Texas and new to position, I think I will be updating Notice of Privacy Practices…

Leave a Reply