
We finish up our discussion about some common myths (or points of confusion) surrounding HIPAA compliance requirements.
Glossary
Myth is a widely held but false belief or idea.
Links
HealthIT.gov Top 10 Myths of Security Risk Analysis
HealthIT.gov Guide to Privacy and Security of Electronic Health Information Analysis
Notes
1 - 7 of 10: Covered in two previous episodes.
HIPAA covers all PHI no matter who possesses the information. False. HIPAA law applies to entities that are health plans, healthcare clearinghouses, and most healthcare providers and the businesses that create, receive, maintain, or transmit PHI on their behalf. Not every person or organization that possesses PHI falls under the CE or BA categories of HIPAA.
A one-hour video course is all that a compliance officer needs to implement HIPAA in any organization. Mostly false. The law requires you have an educated person in charge of privacy and security compliance. It does not define what that education should contain. I can't imagine how anyone could do it with such little training. Nor do any others who do the job themselves. Training is essential to understanding the requirements enough to perform them.
HIPAA training requirements are met with an annual training for all employees. Mostly false. It could be argued that all that is required is a quick reminder/refresher course. However, the amount of training provided for privacy and security awareness is directly related to the results you will get from your workforce. If you don't worry about it more than once a year, neither will they.