Jo Ellen Whitney

Jo Ellen Whitney

Davis Brown Law Firm

Contact  |  View Bio  |  RSS

Latest Posts › HIPAA

Share:

Why Do I Need a Business Associate Agreement? Ensuring Your Business is HIPAA and HITECH Compliant

Many companies have recently begun receiving Business Associate Agreements from healthcare entities, including hospitals, clinics, physician offices, public health facilities and similar types of organizations. Business...more

4/29/2014 - Compliance Data Protection Healthcare HIPAA HITECH Hospitals

Minimum Necessary and the Breach Standard

When the new HITECH rules came out OCR specifically said, “...uses or disclosures that impermissibly involve more than the minimum necessary information...may qualify as breaches.” But what exactly is the minimum necessary...more

4/23/2014 - Covered Entities Disclosure Requirements Health Insurance HIPAA HITECH OCR

OCR Announces the Results from it's Pilot Audit and it's Plans For Next Year

The Office of Civil Rights Audit Pilot Program has come to an end with 115 audits, primarily in person, having been completed. The Pilot Program had multiple revelations in privacy, some of which were probably, not so...more

4/22/2014 - Audits Covered Entities Healthcare HIPAA Internal Audit Functions KPMG Notice Requirements OCR Risk Assessment

HIPAA Impaired Providers and the ER - What Happens When Your Employee Becomes Your Patient?

I was speaking this week at IAHIMA’s Annual Conference on the issues relating to HIPAA audits and recent updates from OCR and ONC. As part of my program we typically solicit questions prior to the presentation, most of which...more

4/21/2014 - Audits Healthcare Healthcare Professionals HIPAA Hospitality Industry Hospitals Illegal Drugs OCR ONC Patients Prescription Drugs

Employment Law Blog - Lucky 13 - The Office of Civil Rights Enters into its 13th Corrective Action Plan

Charged with enforcing HIPAA and chided along by Congress to do a more proactive enforcement job, the Office of Civil Rights at HHS has entered into its 13th Corrective Action Plan for a covered entity....more

6/24/2013 - Corrective Actions Covered Entities HHS HIPAA Media PHI Public Disclosure

Employment Law Blog: Settle One, File Another - The EEOC Enforces GINA

HIPAA addresses a wide array of issues relating to medical privacy. It now also addresses if your momma’s ugly and that might be passed on to you. In addition to privacy and security the HIPAA Omnibus regulations also...more

6/19/2013 - EEOC GINA HIPAA HIPAA Omnibus Rule Hiring & Firing Job Applicants

Employment Law Blog: Regzilla Stomps Another One! - Idaho State University and the Compliance Gap Analysis

Presumably at this point HIPAA, HITECH and the Omnibus Regulation have been published, digested and everyone is in full compliance with the requirements that have been set forth....more

6/19/2013 - Compliance HIPAA HIPAA Omnibus Rule HITECH OCR Risk Assessment

Health Law: HIPAA Omnibus Regulation - I Want to Comply but What Exactly is Compromised Information?

The HIPAA Omnibus Regulation was publicly distributed by HHS last week with today, January 25, being the official publication date. The requirements are effective as of March 26, 2013 with a compliance deadline for almost...more

1/28/2013 - Business Associates Compliance Compromised Information Data Breach Data Protection HHS HIPAA HIPAA Omnibus Rule OCR PHI

Health Law: Family Feud Redux - The Release of Information to Family Members - HIPAA 164.510(B) & the New Standard

It has always been difficult to make determinations regarding what information can be provided to a family member once a patient or long-term care resident has passed away....more

1/25/2013 - Durable Power of Attorney Executors Family Members HIPAA Long-Term Care Release of Information

Health Care Reform Blog: Who is a Business Associate and Why Do We Care?

Under the revised HIPAA regulations published on 01/25/2013 business associates and their subcontractors become specifically liable for most of the security and privacy regulations under HIPAA and the HITECH Act....more

1/23/2013 - Business Associates Covered Entities Data Breach Data Protection HIPAA HIPAA Omnibus Rule HITECH Subcontractors

Health Law: OCR Has Been Busy - New Rules and Ability to Release Information in an Emergency

On Jan. 15, Leon Rodriguez, Director of the Office of Civil Rights, released a letter to the nations’ healthcare providers reiterating adherence to what many commonly refer to as the Tarasoff standard....more

1/22/2013 - Data Breach Data Protection GINA HHS HIPAA HITECH Notice Requirements OCR PHI Privacy Policy Tarasoff Standard

11 Results
|
View per page
Page: of 1