Text messaging is a convenient way for busy doctors to communicate, but for years, the question has remained: are doctors allowed to convey sensitive health information with other members of their provider team over SMS? The answer is now “yes,” thanks to a memo published last week by the U.S. Department of Health & Human
Health IT
There’s An App For That Health Information – But is it HIPAA-Covered?
“Maybe” is the take-away from recent guidance posted on OCR’s mHealth Developer Portal, making me wonder whether the typical health app user will know when her health information is or is not subject to HIPAA protection.
The guidance is clear and straightforward and contains no real surprises to those of us familiar with HIPAA,…
Apple, the FBI, and iPhone Encryption: A Battle of Biblical Proportions with Implications for HIPAA
Whether it was an apple or a quince, pomegranate, or some other more botanically-likely fruit growing in the Garden of Eden, God’s command in Genesis was clear: do not eat the fruit from the tree of the knowledge of good and evil. When Adam and Eve ate the apple (or other fruit) anyway, they gained…
Six Tips for Providers to Reduce the Risk of Obtaining Unreliable HIPAA Compliance and Protection Software
Our partner Elizabeth Litten and I had a recent conversation with our good friend Marla Durben Hirsch who quoted us in her Medical Practice Compliance Alert article, “Beware False Promises From Software Vendors Regarding HIPAA Compliance.” Full text can be found in the February, 2016, issue, but some excerpts regarding 6 tips to reduce the…
Patient Data Must Be Encrypted, Not “Camouflaged”, as Per FTC Settlement
Health care vendors beware: if you tell customers that your product provides industry-standard encryption of protected health information in compliance with HIPAA, you’d better be sure it doesn’t simply “camouflage” the data.
The FTC recently announced a $250,000 settlement with Henry Schein Practice Solutions, Inc. (“Henry Schein”) for falsely advertising that the software it marketed…
Emailing PHI? NIST Seeks Comments on Trustworthy Email by November 30, 2015
When and how should you email PHI, if at all? The Office for Civil Rights (OCR) offers guidance as to the permissibility of sending PHI via email in this “Frequently Asked Question” answer, but doesn’t provide specifics as to how PHI can be safely emailed. Whether you are a covered entity or a business…
The Jiggery-Pokery of HIPAA Hacks
I must thank Justice Scalia for injecting this delightfully descriptive term into the realm of health care. Justice Scalia’s scathing dissent from the majority in the recent Supreme Court decision interpreting the Patient Protection and Affordable Care Act is rife with memorable expressions, but this is my favorite.
The Merriam Webster definition of jiggery-pokery is:…
Health Information Technology in NJ – Where Are We Now?
Part 2
Money talks.
In other words, offering financial incentives is one way to effect behavior change. It seems to have worked in getting providers to adopt and use health IT in everyday practice, both in New Jersey and nationally.
HITECH and Meaningful Use Incentive Payments
As explained by ONC in its October 2014 “…
Health Information Technology in NJ – Where Are We Now?
When I need to travel from the southern part of NJ to northern NJ, I often rely on my car or phone GPS and the relative ease and simplicity of the NJ Turnpike. If I needed my southern NJ physician to share information with my northern NJ physician, I might be surprised to learn that…
Hacked Health Records Prized for their Black Market Value
I received a disturbing robo-call over the weekend informing me that someone had attempted to use my credit card number fraudulently in a retail store in the next county. When I called back and verified these were not legitimate charges, my card issuer assured me that I would not be financially responsible, canceled my card…