Norma Panther and Maria Candia

Posted and filed under Compliance, Healthcare.

Advize Health presented “Is Anyone Truly HIPAA Compliant in Healthcare?” to ISACA West Florida Chapter’s Tampa Governance Risk and Compliance (GRC) Conference.

Highlights included:

  • Understanding HIPAA
  • Breach / Violation Statistics
  • Breach Examples
  • Why We Should Care?
  • As Seen At Our Clients:
  • Providers
  • Payers
  • Where is HIPAA Heading?

Compliance issues investigated most (in order of frequency) were:

  • Impermissible uses and disclosures of PHI
  • Lack of safeguards of PHI
  • Lack of patient access to their PHI
  • Lack of administrative safeguards of electronic PHI and;
  • Use or disclosure of more than the minimum necessary PHI

The most common types of covered entities that have been required to take corrective action to achieve voluntary compliance are, in order of frequency:

  • Private practices
  • General hospitals
  • Outpatient facilities
  • Pharmacies
  • Health plans

To read more, download our presentation here.