HIPAA Handbooks

  • Privacy and security training for new and seasoned staff
  • 11 staff/setting focus areas
  • Education on protecting PHI
  • New HITECH Act changes
  • Discounts on bulk purchases



  • Role-based training using real-life case scenarios
  • Test-your-knowledge exercises with remediation
  • Post-course test to document staff participation


Other HIPAA Resources

  • Hot-topic audio conferences
  • Books on privacy and security
  • Newsletters
  • e-Newsletter
  • Videos



Tips as you wait for final HITECH rules

Email This Post Print This Post

Editor’s note: These tips are excerpts from the April edition of the HCPro, Inc. newsletter, Briefings on HIPAA. For more information on subscriptions and purchasing this full article, go here.

Be aware of what is happening and attend to all aspects of ensuring privacy and security, says Margret Amatayakul, MBA, RHIA, CHPS, CPHIT, CPEHR, CPHIE, FHIMSS, president of Margret\A Consulting, LLC, in Schaumburg, IL. For example, organizations need to tighten access controls and audit logging as they transition toward EHR. Include provisions to encrypt any data that leaves an organization to prevent breaches, she says.

Review the status of BA contracts. "I'm advising a wait-and-see approach," says John R. Christiansen, Esq., whose practice at Christiansen IT Law in Seattle, which focuses on health IT. With respect to updating BA contracts, "I think it's very clear we will have an ability to have grandfathered contracts," he says.

Christiansen updates some versions of contracts in accordance with the proposed rule on modifications to the HIPAA privacy and security rules, but he doesn't recommend that organizations adopt them unless contracts are expiring and rolling over. With respect to rollovers, organizations must decide whether to use the updated contracts or wait for the final rule.

Leave a Reply