PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

HIPAA Cartoon: Notice of Privacy Practices

Cartoon HIPAA Notice - TeachPrivacy HIPAA Training 02 medium

This HIPAA cartoon involves the notice of privacy practices (NPP) under HIPAA.  HIPAA has a set of detailed requirements for the NPP.  See 45 CFR 164.520 for the text of HIPAA’s requirement for NPPs. The biggest challenge regarding privacy notices is that hardly anyone actually reads the notice, and notices are often a chore to read. There is […]

HIPAA Cartoon: Breach of Confidentiality

Cartoon HIPAA Confidentiality - TeachPrivacy HIPAA Training 02

This HIPAA cartoon involves confidentiality. There are countless cases of misdirected PHI that is emailed or faxed to the wrong people. I recently created a new short course on HIPAA Confidentiality.  You can learn more about it here. HIPAA Resources HIPAA Training Courses HIPAA Training Guide HIPAA Training Requirements FAQ HIPAA Whiteboard HIPAA Resources

Cartoon: HIPAA Protected Health Information

Cartoon HIPAA PHI - TeachPrivacy HIPAA Training 02

Here’s a new HIPAA cartoon. This cartoon is about protected health information (PHI).  In the HIPAA regulations, the definition of PHI is quite complicated, as it is splintered into at least three separate parts that appear in HIPAA’s definitions section.  Pursuant to HIPAA, 45 CFR 160.103: Health information means any information, including genetic information, whether oral or recorded […]

HIPAA Training Overview Page

HIPAA Training - TeachPrivacy 01

We recently developed a new overview page that discusses my approach to HIPAA training.  The page discusses several dimensions about our training, including: different comprehensive annual HIPAA privacy and security modules depending upon whether an entity is a covered entity or business associate courses to cover the material at different lengths short modules (most 5 […]

Cartoon on HIPAA Training

HIPAA Training Cartoon - Train without the pain

This cartoon depicts the way many people perceive HIPAA training.  But it doesn’t have to be this way. When most people hear HIPAA training they prepare themselves to slog through a boring lecture filled with tedious legalese.   Many have been subjected to hours of training that is overly technical, not useful for their jobs and not even […]

HIPAA Whiteboard and HIPAA Interactive Whiteboard

HIPAA Whiteboard

Recently, I created two new HIPAA training resources. HIPAA Whiteboard I created a 1-page visual summary of HIPAA, which I call the HIPAA Whiteboard.  The idea was to summarize HIPAA in a concise and visually-engaging way.  You can download a PDF handout version here.  We’ve been licensing it to many organizations for training and awareness purposes. […]

HIPAA Enforcement Case – Filefax

HIPAA Enforcement

This week the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced an agreement to settle HIPAA violations with Filefax, located in Northbrook, Illinois. One aspect was different than their usual settlement process in that Filefax closed the business down during the OCR investigation and was no longer operating when […]

HIPAA Enforcement 2017: Another Big Year for HIPAA Enforcement

HIPAA Enforcement

At the end of 2017, the OCR logged just under $20 million in fines for HIPAA violations from 10 enforcement actions with monetary penalties.  In 2016, the total in penalties was roughly the same amount but from 15 organizations. Here is an overview of the resolution agreements and enforcement actions with civil monetary penalties from […]

10 Reasons Why the Fourth Amendment Third Party Doctrine Should Be Overruled in Carpenter v. US

10 Reasons to Overrule the Fourth Amendment Third Party Doctrine

The U.S. Supreme Court will be hearing arguments this week in Carpenter v. United States, which is one of the most important Fourth Amendment cases before the Court.  The case involves whether the Third Party Doctrine will remain viable.  If so, the Fourth Amendment will fade into obsolescence in today’s digital age. In this post, […]