Menu

Showing 2 posts in Protected Health Information.

Health Providers Must Ensure Social Media Interactions Protect Patients' Protected Health Information

It can be tempting for a business to push back on a negative review on social media. However, health care providers cannot disclose patients' protected health information (PHI) in response to negative reviews posted on social media. More ›

OCR Provides Guidance on Direct Liability for Business Associates Under HIPAA

A HIPAA Business Associate ("Business Associate") is an individual or entity who performs or furnishes activity or service for or on behalf of a HIPAA Covered Entity ("Covered Entity") involving the use or disclosure of protected health information ("PHI"). The HITECH Act and OCR's HIPAA Security final rule provides the U.S. Department of Health & Human Services Office for Civil Rights ("OCR") with authority to take enforcement action against Business Associates only for those requirements and prohibitions of the HIPAA Rules outlined below.

Based on recent guidance provide by OCR, Business Associates should implement a HIPAA compliance program and document compliance with the HIPAA Privacy and Security rules in order to minimize potential HIPAA enforcement actions. Covered Entities should also perform due diligence on potential Business Associates and monitor and audit Business Associate compliance. More ›

Search
Subscribe via Email