All posts in HITECH Act

HIPAA Whiteboard and HIPAA Interactive Whiteboard

Daniel Solove
Founder of TeachPrivacy

HIPAA Whiteboard

Recently, I created two new HIPAA training resources.

HIPAA Whiteboard

I created a 1-page visual summary of HIPAA, which I call the HIPAA WhiteboardThe idea was to summarize HIPAA in a concise and visually-engaging way.  You can download a PDF handout version here.  We’ve been licensing it to many organizations for training and awareness purposes.

HIPAA Whiteboard - TeachPrivacy HIPAA Training

HIPAA Interactive Whiteboard

I subsequently created a new training module — an interactive version of the HIPAA Whiteboard — the HIPAA Interactive Whiteboard When people click on each topic, the program provides brief narrated background information, presented in a very understandable and memorable way.  Trainees can learn at their own pace.  This program is designed to be very short — it is about 5 minutes long.

It can readily be used on internal websites to raise awareness and teach basic information about HIPAA.  It can also be used in learning management systems.

HIPAA Whiteboard Interactive - TeachPrivacy HIPAA Training

HIPAA Whiteboard Interactive - TeachPrivacy HIPAA Training

Continue Reading

Blogging Highlights 2015: Health Privacy+Security Issues

Daniel Solove
Founder of TeachPrivacy

HIPAA Training

I’ve been going through my blog posts from 2015 to find the ones I most want to highlight.  Here are some selected posts about health privacy and security:

Why HIPAA Matters: Medical ID Theft and the
Human Cost of Health Privacy and Security Incidents

care

Continue Reading

The Most Alarming Fact of the HIPAA Audits

Daniel Solove
Founder of TeachPrivacy

hipaa audits 1

law blog 2

by Daniel J. Solove

Are privacy and security laws being enforced effectively? This post is post #5 of a series called Enforcing Privacy and Security Laws.

Under the Health Insurance Portability and Accountability Act (HIPAA), various organizations can be randomly selected to be audited – even if no complaint has been issued against them and even if there has been no privacy incident or breach.

What the audits thus far have revealed is quite alarming. I’ll discuss more on that later.

Continue Reading

The Brave New World of HIPAA Enforcement

Daniel Solove
Founder of TeachPrivacy

hipaa enforcement

law blog 2

by Daniel J. Solove

Are privacy and security laws being enforced effectively? This post is post #4 of a series called Enforcing Privacy and Security Laws.

hhs logoThe Health Insurance Portability and Accountability Act (HIPAA) regulations govern health information maintained by various entities covered by HIPAA (“covered entities”) and other organizations that receive health information from covered entities when performing functions for them. HIPAA is enforced by the Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS). Additionally, state attorneys general (AGs) may enforce HIPAA – only a few federal privacy laws can also be enforced by state AGs.

Continue Reading

The Best Preventative Medicine for Health Data Breaches

Daniel Solove
Founder of TeachPrivacy

data breach 1

by Daniel J. Solove

Last week, I gave a keynote address at a conference called Safeguarding Health Information: Building Assurance through HIPAA Security, sponsored by the National Institute of Standards and Technology (NIST) and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR). I’d like to summarize my remarks here for anyone interested who wasn’t able to attend.

Continue Reading

6 Lessons from the Costliest HIPAA Settlement to Date

Daniel Solove
Founder of TeachPrivacy

Costliest HIPAA Settlement blog 1

by Daniel J. Solove

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced the costliest HIPAA settlement to date — a $4.8 million settlement with New York and Presbyterian Hospital (NYP) and Columbia University (CU). The case involved the disclosure of protected health information on the Internet. Here are some lessons from this latest case:

Continue Reading