Our partner Elizabeth Litten and I had a recent conversation with our good friend Marla Durben Hirsch who quoted us in her Medical Practice Compliance Alert article, “Beware False Promises From Software Vendors Regarding HIPAA Compliance.” Full text can be found in the February, 2016, issue, but some excerpts regarding 6 tips to reduce the
Patient Data Must Be Encrypted, Not “Camouflaged”, as Per FTC Settlement
Health care vendors beware: if you tell customers that your product provides industry-standard encryption of protected health information in compliance with HIPAA, you’d better be sure it doesn’t simply “camouflage” the data.
The FTC recently announced a $250,000 settlement with Henry Schein Practice Solutions, Inc. (“Henry Schein”) for falsely advertising that the software it marketed
Emailing PHI? NIST Seeks Comments on Trustworthy Email by November 30, 2015
When and how should you email PHI, if at all? The Office for Civil Rights (OCR) offers guidance as to the permissibility of sending PHI via email in this “Frequently Asked Question” answer, but doesn’t provide specifics as to how PHI can be safely emailed. Whether you are a covered entity or a business
The Jiggery-Pokery of HIPAA Hacks
I must thank Justice Scalia for injecting this delightfully descriptive term into the realm of health care. Justice Scalia’s scathing dissent from the majority in the recent Supreme Court decision interpreting the Patient Protection and Affordable Care Act is rife with memorable expressions, but this is my favorite.
The Merriam Webster definition of jiggery-pokery is:
Health Information Technology in NJ – Where Are We Now?
Part 2
Money talks.
In other words, offering financial incentives is one way to effect behavior change. It seems to have worked in getting providers to adopt and use health IT in everyday practice, both in New Jersey and nationally.
HITECH and Meaningful Use Incentive Payments
As explained by ONC in its October 2014 “
Health Information Technology in NJ – Where Are We Now?
When I need to travel from the southern part of NJ to northern NJ, I often rely on my car or phone GPS and the relative ease and simplicity of the NJ Turnpike. If I needed my southern NJ physician to share information with my northern NJ physician, I might be surprised to learn that
Hacked Health Records Prized for their Black Market Value
I received a disturbing robo-call over the weekend informing me that someone had attempted to use my credit card number fraudulently in a retail store in the next county. When I called back and verified these were not legitimate charges, my card issuer assured me that I would not be financially responsible, canceled my card
“Digital Quarantine” or Vaccination? What Cybersecurity Experts Can Learn from Health Care
Perhaps the health care industry has a cybersecurity solution staring us in the face: vaccines. Perhaps we should be trying to vaccinate our data storage systems rather than relying on firewalls to quarantine them. In an article posted on www.philly.com, Associated Press author Youkyung Lee says cybersecurity defense has traditionally been based “on the idea
Welcome to “Fraud Fridays”
This post, written by my colleague Elizabeth Hampton, originally appeared on Garden State Gavel, a new blog focusing on New Jersey litigation topics.
Fraud is on the rise in every industry and the lengths that some people will go to make money by “gaming”
Basic HIPAA Question for Mobile Health Application Developers: What Are You?
Health-related technology has developed light-years faster than health information privacy and security protection laws and policies, and consumers can find new mobile health applications for a wide range of purposes ranging from diabetes management to mole or rash evaluation to fitness tracking. Smart mobile app developers wondering when and how HIPAA privacy and security requirements