While texting patient information is not prohibited by HIPAA, it can also risky for both the patient and the provider. Providers who wish to text patients must take steps to strengthen the security of both the mobile device used for the text and the transmission of the text. This means adding additional levels of security, such as password protection of the message and periodic deletion of texts or transfer of the text message to the patient’s medical record. Providers should

In a recent announcement by the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”), the OCR was clear to make a point that just because a business closes during an OCR investigation, does not mean that the business’ obligation for any HIPAA violations ends. To make this point, OCR referenced the recent settlement and corrective action plan entered into for alleged HIPAA violations by now-defunct, Filefax. The OCR was investigating Filefax for

About two years ago Uber became aware of a need for reliable rides to doctor’s appointments for patients and their caregivers. But before its new division Uber Health could be launched, Uber recognized a major obstacle: complying with the Health Insurance Portability and Accountability Act, better known as HIPAA. To prevent potential problems, Uber looked to a HIPAA compliance and cybersecurity firm, which performed a HIPAA risk analysis of everything surrounding Uber Health

Ongoing federal privacy audits originally slated to end in January have uncovered some glaring health-care compliance issues among physicians and health plans, reports the Bureau of National Affairs. Thus far, the privacy audits have hit only a fraction of eligible organizations, but preliminary results have highlighted key problems, such as a failure to assess the risk of patient data being illegally disclosed, and audits have drilled home the importance of an effective comp