Which of the following security vulnerabilities is your facility currently focusing on correcting?

• Encryption of mobile devices
• Adequate password protection
• Refined and continuous privacy and security training
• Other

Submit your response by selecting “Quick Poll” at HCPro’s Corporate Compliance website.
 

Does your facility have a mobile device policy?

• Yes
• No
• We are in the process of developing a policy

Submit your response by selecting “Quick Poll” at HCPro’s Corporate Compliance website.
 

Q: Can a skilled nursing facility (SNF) display residents’ names and pictures on a plaque outside their doors?

A. Residents’ names and pictures can be displayed outside their doors only if the SNF obtains authorization from residents. If a resident is not capable of authorizing the display of his or her name and picture, the SNF would need to seek authorization from a personal representative of the resident.

Editor’s note: Chris Apgar, CISSP, president of Apgar & Associates, LLC, in Portland, OR, answered this question.
 

Q: Our healthcare facility is requiring employees to get the flu shot or they will have to wear a mask when within 6 feet of patients. Is this not a violation of employee or patient privacy? A. The Privacy Rule only protects the privacy of patient, not employees. Requiring non-vaccinated employees to wear a respiratory mask to protect the health of patients does not violate the patient’s privacy and may prevent the spread of infection. Editor’s note: Mary D. Brandt, MBA, RHIA, CHE, CHPS, vice president of HIM at Scott & White Healthcare in Temple, TX answered this question in the February issue of Briefings on HIPAA. Brandt is a nationally recognized expert on patient privacy, information security, and regulatory compliance, and her publications provided some of the basis for HIPAA’s privacy regulations.

An HHS task force recommends that if the government encourages and helps develop health text messaging and mobile health programs, it better look into privacy and security concerns.

The task force Jan. 26 recommends that HHS conduct “further research” into the privacy and security risks associated with text messaging of health information and establish guidelines for managing such privacy/security issues.

“The exchange of health information via text messages raises privacy and security issues specific to this medium,” the task force wrote in an HHS release. “Text messaging programs may be subject to numerous privacy and security laws, including [HIPAA's] privacy and security rules.”

Read more on the HIPAA Update blog.