Header graphic for print
HIPAA, HITECH & HIT Legal Issues, Developments and Other Pertinent Information Relating To The Creation, Use and Exchange of Electronic Health Records

Category Archives: Health IT

Subscribe to Health IT RSS Feed

There’s An App For That Health Information – But is it HIPAA-Covered?

Posted in EHR and PHR, Health IT

“Maybe” is the take-away from recent guidance posted on OCR’s mHealth Developer Portal, making me wonder whether the typical health app user will know when her health information is or is not subject to HIPAA protection. The guidance is clear and straightforward and contains no real surprises to those of us familiar with HIPAA, but… Continue Reading

Apple, the FBI, and iPhone Encryption: A Battle of Biblical Proportions with Implications for HIPAA

Posted in Encryption, Health IT, Privacy & Security

Whether it was an apple or a quince, pomegranate, or some other more botanically-likely fruit growing in the Garden of Eden, God’s command in Genesis was clear: do not eat the fruit from the tree of the knowledge of good and evil.  When Adam and Eve ate the apple (or other fruit) anyway, they gained… Continue Reading

Six Tips for Providers to Reduce the Risk of Obtaining Unreliable HIPAA Compliance and Protection Software

Posted in Health IT

Our partner Elizabeth Litten and I had a recent conversation with our good friend Marla Durben Hirsch who quoted us in her Medical Practice Compliance Alert article, “Beware False Promises From Software Vendors Regarding HIPAA Compliance.” Full text can be found in the February, 2016, issue, but some excerpts regarding 6 tips to reduce the… Continue Reading

Patient Data Must Be Encrypted, Not “Camouflaged”, as Per FTC Settlement

Posted in Health IT, Privacy & Security

Health care vendors beware: if you tell customers that your product provides industry-standard encryption of protected health information in compliance with HIPAA, you’d better be sure it doesn’t simply “camouflage” the data. The FTC recently announced a $250,000 settlement with Henry Schein Practice Solutions, Inc. (“Henry Schein”) for falsely advertising that the software it marketed… Continue Reading

Emailing PHI? NIST Seeks Comments on Trustworthy Email by November 30, 2015

Posted in Health IT, HIPAA Enforcement, Privacy & Security, Uncategorized

When and how should you email PHI, if at all?  The Office for Civil Rights (OCR) offers guidance as to the permissibility of sending PHI via email in this “Frequently Asked Question” answer, but doesn’t provide specifics as to how PHI can be safely emailed.  Whether you are a covered entity or a business associate… Continue Reading

The Jiggery-Pokery of HIPAA Hacks

Posted in Health IT, Privacy & Security

I must thank Justice Scalia for injecting this delightfully descriptive term into the realm of health care.  Justice Scalia’s scathing dissent from the majority in the recent Supreme Court decision interpreting the Patient Protection and Affordable Care Act is rife with memorable expressions, but this is my favorite. The Merriam Webster definition of jiggery-pokery is:… Continue Reading

Health Information Technology in NJ – Where Are We Now?

Posted in Health IT, RHIO & HIE

Part 2 Money talks. In other words, offering financial incentives is one way to effect behavior change.  It seems to have worked in getting providers to adopt and use health IT in everyday practice, both in New Jersey and nationally. HITECH and Meaningful Use Incentive Payments As explained by ONC in its October 2014 “Report to Congress”: “Prior… Continue Reading

Hacked Health Records Prized for their Black Market Value

Posted in Articles, Health IT, Medical Identity Theft, Privacy & Security, Sensitive Health Information

I received a disturbing robo-call over the weekend informing me that someone had attempted to use my credit card number fraudulently in a retail store in the next county. When I called back and verified these were not legitimate charges, my card issuer assured me that I would not be financially responsible, canceled my card… Continue Reading

“Digital Quarantine” or Vaccination? What Cybersecurity Experts Can Learn from Health Care

Posted in Health IT, Privacy & Security

Perhaps the health care industry has a cybersecurity solution staring us in the face:  vaccines.  Perhaps we should be trying to vaccinate our data storage systems rather than relying on firewalls to quarantine them.  In an article posted on www.philly.com, Associated Press author Youkyung Lee says cybersecurity defense has traditionally been based “on the idea… Continue Reading

Welcome to “Fraud Fridays”

Posted in Health IT, New Jersey, Privacy & Security, Security Breach Notification, Sensitive Health Information

This post, written by my colleague Elizabeth Hampton, originally appeared on Garden State Gavel, a new blog focusing on New Jersey litigation topics. Fraud is on the rise in every industry and the lengths that some people will go to make money by “gaming” the system is both fascinating and alarming.  Look for some of these… Continue Reading

Basic HIPAA Question for Mobile Health Application Developers: What Are You?

Posted in Health IT, Privacy & Security

Health-related technology has developed light-years faster than health information privacy and security protection laws and policies, and consumers can find new mobile health applications for a wide range of purposes ranging from diabetes management to mole or rash evaluation to fitness tracking.  Smart mobile app developers wondering when and how HIPAA privacy and security requirements… Continue Reading

Complex New Healthcare Relationships Create New Challenges in Electronic Health Records

Posted in EHR and PHR, Health IT

My partner Elizabeth G. Litten and I were interviewed by Marla Durben Hirsch in the FierceEMR article “Healthcare Attorneys: New Business Relationships Will Create New EHR Problems.” It is always a pleasure for us to talk with Marla because she provokes our thinking in new areas.  While the full text can be found here as… Continue Reading

Embarrassing Fact: Few Seem to Understand HIPAA or the ACA (at least when it comes to individual health coverage to be purchased on an Exchange)

Posted in Health IT, Privacy & Security

I read a recent Forbes.com post by Rick Ungar (“Claims That Obamacare Website Violates Health Privacy Reveals Embarrassing Fact – GOP Does Not Understand HIPAA or Obamacare”) that revealed a truly embarrassing fact:  very few of us really understand HIPAA, let alone the intricacies of the Affordable Care Act (“ACA” or “Obamacare”) and its interplay… Continue Reading

Two Wrongs Don’t Make a Right: How Not to Defend Against Fraud Allegations

Posted in Health IT

If your hospital is being raked over the coals in the media for alleged fraudulent billing, it’s understandable to want to set the record straight. However, releasing patient information without consent is not the wisest approach.  California’s Shasta Regional Medical Center and its parent company Prime Healthcare Services have come under fire for aggressive Medicare billing practices, arising out… Continue Reading

What’s HIT, Doc?

Posted in Health IT

Need to educate the public about health information technology? How about an animated cartoon? According to an article entitled When Health IT Meets Bugs Bunny in Information Week Healthcare,  ONC is seeking bids from contractors to produce short animated films explaining the concepts in plain English. In the RFP, ONC noted: "Although the widespread use of health IT by… Continue Reading

Selecting A Practice Management System? AMA/MGMA Toolkit May Help

Posted in Health IT

Looking to buy or upgrade your scheduling, billing and collection software? Want to make sure what you’re buying meets the latest HIPAA electronic standard transaction criteria and is able to handle the new ICD-10 codes? Shopping for an Electronic Health Record (EHR) system that includes a practice management component and will qualify for HITECH subsidies? The American Medical Association and… Continue Reading

Pennsylvania “QUICKSTEPS” Program to apply $10 Million in Federal Funds Toward Promotion of Pediatric EHR

Posted in Health IT

  Pennsylvania, get ready for another acronym: "QUICKSTEPS" (Quality Improvement and Care for Kids through Electronic Programs).  This is the state’s new five-year pediatric EMR initiative, funded by the U.S. Department of Health and Human Services through the Children’s Health Insurance Program Reauthorization Act, or CHIPRA. Using $10 million in federal grants, the state’s departments of Insurance… Continue Reading

Certifying EHRs for “Meaningful Use”

Posted in EHR and PHR, Health IT, Meaningful Use

On November 2, 2009, the Texas-based Drummond Group Inc. announced in a Press Release that it will submit to become a certifying body upon the release of the Office of the National Coordinator for Health Information Technology (ONC) requirements for certifying bodies for Electronic Health Records (EHR).  ONC is currently working on the scope and definition… Continue Reading

Governance Considerations from HIT for the Board and Other Hospital Stakeholders – The Need for an IT Champion to Serve as a Link between IT Personnel and Other Stakeholders – Installment 7

Posted in Governance Issues, Health IT

This is the seventh installment in a series of blog posts that relate to the governance concerns surrounding developments in HIPAA, HITECH and HIT. For a number of months this series has been emphasizing the importance of establishing a credible and knowledgeable liaison at the governing body and/or senior administrative level to articulate and educate… Continue Reading

Distressed Hospital Survival Through HIT?

Posted in Governance Issues, Health IT

[Installment 6 – Governance Considerations from HIT for the Board and Other Hospital Stakeholders] On August 4, 2009 the Associated Press reported at http://www.usatoday.com/news/health/2009-08-04-electronic-medical-records_N.htm that Sac-Osage Hospital, a 47-bed hospital in rural western Missouri, “is borrowing nearly $1 million to pitch its paper medical charts and purchase a state-of-the-art electronic health records  [EHR] system. The… Continue Reading