In a recent interview with an official from the federal Office of Civil Rights (OCR), which enforces HIPAA privacy and security rules, three emerging areas of concern were identified for covered entities.
Hacking and ransomware continue to be a significant problem for the health-care sectors and covered entities must develop and maintain an incident response plan to deal with these attacks.
OCR also advised that health-care providers have to be particularly careful when responding to patient complaints on online platforms, if they respond at all. These responses could result in the wrongful disclosure of protected health information of their patients, resulting in significant OCR enforcement actions.
Finally, HIPAA-covered entities must exercise caution when employing website tracking technologies particularly around business associates agreements and obtaining patient consent.
Reference
Lewis J. (2023) OCR Official Speaks About Compliance Concerns for HIPAA-Covered Entities and Business Associates JDSUPRA (accessed August 21, 2023).
Recent Posts
Medicaid in Focus: What Audiologists Need to Know Now
With the recent changes to Medicaid, the Academy is preparing audiologists with the new one-pager, “Audiology in Medicaid”, an exclusive member resource designed to educate on…
American Academy of Audiology Clinical Consensus Statement: Assessment of Vestibular Function in the Pediatric Population
Authors: Violette Lavender, AuD, Kristen Janky, PhD, Katheryn Bachmann, PhD, Melissa Caine, AuD, Micheal Castiglione, AuD, Guangwei Zhou, ScD The American Academy of Audiology Clinical…
CMS Releases CY 2026 Hospital Outpatient Prospective Payment System and Ambulatory Surgical Center Proposed Rule
On July 15, the Centers for Medicare and Medicaid Services (CMS) released the calendar year (CY) 2026 Hospital Outpatient Prospective Payment System (OPPS) and Ambulatory Surgical Center (ASC) Payment System proposed rule,…