PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Cartoon: HIPAA Protected Health Information

Cartoon HIPAA PHI - TeachPrivacy HIPAA Training 02

Here’s a new HIPAA cartoon. This cartoon is about protected health information (PHI).  In the HIPAA regulations, the definition of PHI is quite complicated, as it is splintered into at least three separate parts that appear in HIPAA’s definitions section.  Pursuant to HIPAA, 45 CFR 160.103: Health information means any information, including genetic information, whether oral or recorded […]

Read More…

HIPAA’s Long Arm — and Why It’s a Good Thing

HIPAA Training

Recently, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its first HIPAA resolution agreement and monetary penalty against a business associate (BA). […]

Read More…

Patient Access to Medical Records Under HIPAA: Significant Reform Needed

by Daniel J. Solove Recently, I wrote about the challenges in accessing health information about family members.  In this post, I will explore patients’ access to their own medical records. HIPAA doesn’t handle patient access to medical records very well. There are many misunderstandings about patient access under HIPAA that make it quite difficult for […]

Read More…

HIPAA’s Friends and Family Network: Access to Health Information

by Daniel J. Solove Suppose your elderly mother is being treated at the hospital for a heart condition. Your mother tells her doctor that you can have access to her health information. The doctor, however, doesn’t disclose the information to you. The doctor thinks that you can only have the information with a signed written […]

Read More…