Compliance Corner

PHNS is committed to the confidentiality and security of our customers’ and their patients’ information. The weekly Compliance Corner Reminders are designed to refresh PHNS employees’ memories about their valuable roles in privacy and security under HIPAA and other federal and state laws.

Download Compliance Articles

03/09/2010
Compliance Corner - Remote Worksite Security
Category: Update

HIPAA's privacy and security rules protect patient-specific information and apply no matter where the information is being accessed - on-site at a facility or off-site at a remote location, such as your home.  How can you protect the privacy and security of the data and information you use at the remote site?

Download (PDF)
02/26/2010
Data Breaches Now Public
Category: Update

As required by the Health Information Technology for Economic and Clinical Health (HITECH) Act, this week the Office of Civil Rights (OCR) posted a summary of data breaches that affected 500 or more individuals per breach. A total of 36 reports were received from 35 organizations that have reported breach situations.

Download (PDF)
02/22/2010
Your Compliance Connection Newsletter February 2010 - Additional Changes to the HIPAA Privacy and Security Rules
Category: Newsletter

On Februrary 17th, additional changes to the HIPAA privacy and security rules went into effect.  This issue of Your Compliance Connection will focus on those changes and how they affect PHNS.

Download (PDF)
02/19/2010
Just the Minimum Necessary
Category: Update

The Health Information Technology for Economic and Clinical Health Act (HITECH) was passed last year as part of the American Recovery and Reinvestment Act of 2009 (ARRA).  Included in HITECH were significant changes to the HIPAA privacy and security rules.  One change to the privacy rule that became effective 2/17/10 involves the minimum necessary standard. 

Download (PDF)
02/11/2010
California Data Breaches
Category: Update

On January 1, 2009, California enacted one of the toughest data breach notification laws.  Providers must report to the patient and to the state any breach of unsecured protected health information within five business days of becoming aware of the breach.

Download (PDF)
02/05/2010
You've Got E-Mail!
Category: Update

Just as a diamond may last forever, so too can an e-mail.  A sent e-mail remains in cold, hard electronic print for as long as the recipient chooses.  Without supporting context, the e-mail speaks for itself and can sometimes send the wrong message.

Download (PDF)
01/29/2010
Is Your Password 123456?
Category: Update

We use passwords to access information systems at work, to access personal banking information, to operate our home security system.  The list is endless.  But how safe and secure are your passwords?

Download (PDF)
01/22/2010
Only You Can Stop Verbal Breaches!
Category: Update

Be extra careful when verbally releasing patient-specific information.  Remember to make sure you are speaking to or releasing information to authorized individuals.  Always be aware of your immediate surroundings before speaking.

Download (PDF)
01/18/2010
Your Compliance Connection for January 2010
Category: Newsletter

This issue of "Your Compliance Connection" presents information on a variety of topics: the American Recovery and Reinvestment Act (ARRA), the National Health Security Strategy (NHSS) and social media risks.

Download (PDF)
01/15/2010
HIPAA Violation Lawsuit
Category: Update

In February of last year, the Health Information Technology for Economic and Clinical Health Act (HITECH) gave state attorneys general the power to prosecute HIPAA privacy and security violations at the state level.  In what may be the first time this power is exercised, Connecticut Attorney General Richard Blumenthal on January 13, 2010 filed a lawsuit charging Heath Net of Connecticut Inc. with violations of the HIPAA privacy and security rules following a large breach of identifiable medical records and Social Security numbers.

Download (PDF)