I recently created a new resource page for the TeachPrivacy website: Text of HIPAA’s Training Requirements. This page provides excerpts of the training provisions in the HIPAA Privacy Rule and the HIPAA Security Rule.
This page is designed to be a useful companion page to our resource page, HIPAA Training Requirements: FAQ. The FAQ discuss my interpretation of the HIPAA training provisions, but the full text of those provisions is located on the separate new resource page above.
Are privacy and security laws being enforced effectively? This post is post #5 of a series called Enforcing Privacy and Security Laws.
Under the Health Insurance Portability and Accountability Act (HIPAA), various organizations can be randomly selected to be audited – even if no complaint has been issued against them and even if there has been no privacy incident or breach.
What the audits thus far have revealed is quite alarming. I’ll discuss more on that later.
Are privacy and security laws being enforced effectively? This post is post #4 of a series called Enforcing Privacy and Security Laws.
The Health Insurance Portability and Accountability Act (HIPAA) regulations govern health information maintained by various entities covered by HIPAA (“covered entities”) and other organizations that receive health information from covered entities when performing functions for them. HIPAA is enforced by the Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS). Additionally, state attorneys general (AGs) may enforce HIPAA – only a few federal privacy laws can also be enforced by state AGs.