Sign up to save your podcasts
Or
Share Episode 7: HIPAA Myths Part 1
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 7: HIPAA Myths Part 1
we discuss some common myths (or points of confusion) surrounding HIPAA compliance requirements.
Glossary Myth is a widely held but false belief or idea.
Links
HealthIT.gov Top 10 Myths of Security Risk AnalysisHealthIT.gov Guide to Privacy and Security of Electronic Health Information Analysis
Notes
Providers are not allowed to share information about a patient with others unless authorized by the patient to do so. False. Providers can share:
With anyone the patient identifies as a caregiver
When the information is directly relevant to the involvement of spouse, family member, friends, or caregivers. (Ebola for example)
When necessary to notify a caregiver about a change in condition or location of a patient (as long as the patient doesn't object)
When in the best interest of the patient regardless of their ability to object or not
The security risk analysis is optional for small providers and business associates. False. Everyone is required to abide by the Security Rule which specifically requires a security risk analysis.
A checklist will suffice for the risk analysis requirement. False.Checklists are tools for doing the analysis and gathering your data but they aren't enough to meet the risk analysis requirement. A Security Risk Analysis must include three main elements (according to OCR guidance):
A. Identification of all PHI sourcesB. Human, electronic and environmental threats to the PHIC. Review of current security measures to protect the PHI from those
View all episodes
By Donna Grindle and David Sims
4.9
6161 ratings
we discuss some common myths (or points of confusion) surrounding HIPAA compliance requirements.
Glossary Myth is a widely held but false belief or idea.
Links
HealthIT.gov Top 10 Myths of Security Risk AnalysisHealthIT.gov Guide to Privacy and Security of Electronic Health Information Analysis
Notes
Providers are not allowed to share information about a patient with others unless authorized by the patient to do so. False. Providers can share:
With anyone the patient identifies as a caregiver
When the information is directly relevant to the involvement of spouse, family member, friends, or caregivers. (Ebola for example)
When necessary to notify a caregiver about a change in condition or location of a patient (as long as the patient doesn't object)
When in the best interest of the patient regardless of their ability to object or not
The security risk analysis is optional for small providers and business associates. False. Everyone is required to abide by the Security Rule which specifically requires a security risk analysis.
A checklist will suffice for the risk analysis requirement. False.Checklists are tools for doing the analysis and gathering your data but they aren't enough to meet the risk analysis requirement. A Security Risk Analysis must include three main elements (according to OCR guidance):
A. Identification of all PHI sourcesB. Human, electronic and environmental threats to the PHIC. Review of current security measures to protect the PHI from those
More shows like Help Me With HIPAA
View all
This Week in Tech (Audio)
3,014 Listeners
The Ramsey Show
38,704 Listeners
Wait Wait... Don't Tell Me!
38,649 Listeners
Radiolab
43,909 Listeners
The Joe Rogan Experience
225,807 Listeners
CyberWire Daily
1,006 Listeners
Juicy Scoop with Heather McDonald
25,558 Listeners
The Jordan B. Peterson Podcast
34,045 Listeners
This Past Weekend w/ Theo Von
27,214 Listeners
Darknet Diaries
7,871 Listeners
CISO Series Podcast
187 Listeners
All-In with Chamath, Jason, Sacks & Friedberg
9,095 Listeners
The MeidasTouch Podcast
44,368 Listeners
SmartLess
57,908 Listeners
The Dr. John Delony Show
7,093 Listeners