Help Me With HIPAA

Author: Donna Grindle and David Sims



In today's environment of data breaches, identity theft, fraud, and increasing connectivity, HIPAA Privacy and Security rules are a responsibility to your patients and your clients. HIPAA isn't about compliance, it's about patient care.
222 Episodes
Today we discuss 5 medical record uses and disclosures rules that I have been covering recently in training.  Medical records are always around for those of us in healthcare. It is so easy to forget that the rules apply to more than just data breaches and social media.  There are some very basic concepts that people who have been dealing with medical records for years are surprised to learn. Here are five of them we use the most. More at
We need to keep up with our education just like everyone else to keep up with cybersecurity tips and trends.  Donna hit some training at SecureWorld and sat in on a 6-hr online seminar offered by Dark Reading. All of that thinking and learning means we have cybersecurity tips and trends to share in this episode.  This is not just for those who worry about HIPAA. More info at
The debate continues in ransomware attacks: do you make the ransom payment or not? Lately, we have seen many payments being announced. This should be in your incident response plan's ransomware playbook. These decisions should be discussed now, not when an attack happens. What are the pros and cons of paying, and what should be in your ransomware response plans? More info on Help Me With HIPAA blog post.
False claims settlements over meaningful use money have popped into the news again. The provider was sued by whistleblowers and the DOJ for not doing a security risk analysis but attesting to one to get the meaningful use payments anyway. There is a whistleblower's angle in this case, which makes it even more interesting. If you know anyone that has received any meaningful use money, they should check out this episode! More info at
This new BA guidance from OCR is important because it clearly defines all the things we hear misstated over and over. Several of the items from our Top 10 Wrong HIPAA Statements episode are addressed in the simple ten-item list. Today we will discuss the announcement and what it means to BAs and their privacy and security programs. More info at
The multi-state settlement with Medical Informatics Engineering makes the OCR settlement seem like a cake walk.  The vendor agrees to pay OCR $100,000 with a standard 2-year corrective action plan. The states get $900,000 plus 5 years of very specific corrective action requirements.  Vendors need to pay attention to this case and take appropriate action now. More info at
Sanction policies are often vague or even overlooked in many privacy and security programs. The whole point of a sanction policy is to list out the consequences for failure to follow our policies and procedures. With a vague or non-existent policy, consequences aren't clear, which leads to a lack of concern for failure to follow the policy in the first place. You will never build a culture that worries about protecting information without it being clear that is a requirement for inclusion in our culture. How do you sanction? More at
Maturity is something we expect from respected folks or grown folks, but what about your privacy and security program? Do you check its maturity? You have all of these plans, policies, procedures, and training, but are they actually meeting your needs? Time to talk maturity assessments. More at
The latest HIPAA violation settlement with OCR was announced recently.  Ironically, the settlement with Touchstone Medical Imaging was for $3,000,000 and announced just after the reduction of maximum penalties was announced by HHS.  Just how bad was this violation to get hit with this level of penalties plus the 2-year corrective action plan? More at
Headlines everywhere are telling us all that the HIPAA penalties are being “slashed” or “capped” or “reduced”.  What is the real story and what does it mean to the rest of us? Great time to talk about what you should consider if you think you will be facing any HIPAA penalties. More info at