Campaign: Developers and HIPAA

HIPAA E-Signature Requirements

We are a small organization starting up a tele-health initiative. We would like to deliver a copy of our Notice of Privacy Practices electronically and have patients acknowledge receipt via check box prior to completing our online intake forms. This method is used for acceptance when one downloads software online. We are having a difficult time understanding the requirements for this. Can it be a check box and/or typed ...more »

Submitted by

Who are your customers? Check all that apply : Patients/Individuals/Consumers

What is your organization? : Health care provider or health plan, Small company, Not for profit

Voting

3 votes
3 up votes
0 down votes
Answered Questions

Campaign: Developers and HIPAA

Audits

With random audits becoming a feature of HIPAA enforcement, small companies and Business Associates should ensure that information sought by OCR is readily available. This will allow OCR to make assessments quickly and efficiently. Making this process efficient also limits the disruptive impact audits can have on emerging companies.┬áSimilar to the practice of the FCC,┬ácan OCR provide guidance for Business Associates regarding ...more »

Submitted by

Who are your customers? Check all that apply : Business associates (operates on behalf of/provides service to health care provider/health plan, e.g., an EHR vendor), Other, General Public, Patients/Individuals/Consumers

What is your organization? : Small company, Trade association

Voting

5 votes
6 up votes
1 down votes
Answered Questions

Campaign: Developers and HIPAA

Developer and HIPAA

Assume you have a software company that will be using a smartphone application and related device to record and store arguably protected health information. 1. Assume the software company stores the information on its own servers. The company is not subject to HIPAA (privacy or security rules) because it isn't a covered entity or a business associate of a covered entity, correct? 2. Now assume that the software ...more »

Submitted by

Who are your customers? Check all that apply : Business associates (operates on behalf of/provides service to health care provider/health plan, e.g., an EHR vendor), Other, General Public, Patients/Individuals/Consumers

What is your organization? : Attorney/other compliance consultant

Voting

2 votes
2 up votes
0 down votes
Answered Questions

Campaign: Developers and HIPAA

De-identification of individuals' information

Is there any limitation on a covered entity's de-identification of PHI or use of de-identified information? For example, may a covered entity de-identify information purely for the purposes of selling data as a service? Additionally, from a Privacy Rule perspective (i.e., not considering state law or contractual considerations), are there any restrictions on a business associate using or disclosing the de-identified ...more »

Submitted by

Who are your customers? Check all that apply : Patients/Individuals/Consumers

What is your organization? : Attorney/other compliance consultant

Voting

3 votes
3 up votes
0 down votes
Answered Questions