HIPAA

Protecting Patient Information Without Additional Burdens - 04/02/2019

We believe there was intention by the authors to exclude health care providers and health care related data. Unfortunately, the exemptions in each of these bills as filed may be insufficient to completely exclude health care providers, so physicians would nevertheless be subject to another complex layer of privacy regulations. TMA details these concerns regarding these well-intentioned attempts to strengthen consumers’ privacy below


Get Started on Your HIPAA Security Risk Analysis - 03/13/2019

If you lost a laptop or smartphone, got a computer virus, received a patient HIPAA complaint, or had a business associate breach, would you be prepared? Conducting a security risk analysis is a key requirement of the HIPAA Security Rule and a core requirement for physicians participating in the Medicare and Medicaid electronic health record incentive programs.


Your EHR Vendor Is Not Responsible For Your Security Risk Analysis - 03/11/2019

A Security Risk Analysis is a living document that should be reviewed at least annually to find new vulnerabilities, such as new technology, system upgrades, and any other changes within your practice that could affect the security of protected health information.


Security Risk Analysis for HIPAA — and Medicare/Medicaid? - 03/08/2019

Do you need to conduct a security risk analysis or review of your practice in the next 72 days?


HIPAA Gap Analysis and Training - 03/08/2019

Training is the first step to HIPAA compliance. Have TMA’s certified HIPAA Compliance Officer provide training for physicians and staff on HIPAA fundamentals and Texas medical privacy laws.


CyberCompass - 03/08/2019

Get access to affordable security risk analysis and HIPAA compliance software that doesn’t require expertise to use. Just answer simple questions and CyberCompass™ will tell you what steps to take to manage HIPAA compliance.


TMA Vendor Can Help Your Practice With HIPAA Security Risk Analysis - 03/08/2019

As you probably know, the HIPAA Security Rule requires covered entities and their business associates to conduct or review a risk analysis of their health care organization. To help protect you and your practice, the Texas Medical Association has negotiated a discount with CyberCompass, a cyber-risk analysis tool that takes physicians through a step-by-step guided experience.


New Tool Helps With HIPAA Compliance - 10/30/2018

An upgraded tool from the U.S. Department of Health and Human Services (HHS) might make HIPAA security risk assessments easier. The Security Risk Assessment Tool 3.0 is designed to help practices with one to 10 physicians identify their risks and vulnerabilities with electronic protected health information (ePHI) and then implement appropriate security measures.


True Savings of Mobile HIPAA-Secure Communication - 06/21/2018

In many situations, texting is the fastest and most efficient way to send information, but physicians who use traditional methods to text clinical information to each other risk exposing themselves to HIPAA privacy and security violations. However, physicians who adopt a secure platform for sending such messages, such as DocbookMD, can benefit by saving time, money, and even lives.


Know Your Rights to Your Patients’ PHI - 06/04/2018

As your business associate, your electronic health record vendor is subject to HIPAA Privacy and Security rules with respect to patients’ protected health information.


Make Sure HIPAA Isn’t a Big Problem For Your Small Practice - 05/09/2018

To help you get a grasp on the basics of HIPAA, the Department of Health and Human Services Office for Civil Rights is offering free training in Texas.


Text Orders Securely and Within Guidelines - 04/19/2018

The Joint Commission now says it’s OK to text orders, with certain requirements. If you do send orders via text messaging, be sure to establish guidelines in writing in your practice’s policies and procedures manual.


Secure Mobile Lab Communications Possible Through DocbookMD - 04/06/2018

Safely and securely receive patients’ critical and stat results directly to a mobile device through DocbookMD, a free benefit for Texas Medical Association members.


Is Your Patients’ HIPAA-Protected Information Secure? - 03/09/2018

A guide from TMA-endorsed DocbookMD helps smaller practices understand the risks of using mobile devices and how to stay HIPAA-secure.


18 Privacy Pitfalls. One Easy (and Free) Mobile Solution - 12/16/2017

If you want to make sure all of your practice’s mobile communications stay complaint with HIPAA regulations, you should check out DocbookMD.


Get Hip to HIPAA Rules With Training From HHS, TMA - 08/01/2017

Because practices of all types and sizes must comply with them, the rules are flexible and scalable. But that means there isn’t a single standardized program that can properly train employees of all entities.Well, let me steer you to the U.S. Health and Human Services Department’s free CME training on HIPPA.


Why You Need Business Associate Agreements - 05/26/2017

A medical practice in Illinois in April paid a $31,000 fine because it didn’t have a business associate agreement (BAA) with one of its long-time vendors. Any chance your practice has overlooked signing a BAA with any of its business associates?


New White Paper Helps You Stay HIPAA Secure - 04/19/2017

TMA and DocbookMD are offering a new, free white paper to help answer your HIPAA questions about the proper use of mobile technology in health care.


Reporting Suspicious Cyber Activity to the Feds - 03/16/2017

Help protect the entire health care system from cybersecurity threats by reporting any suspicious cyber activity to the U.S. Computer Emergency Readiness Team.


Is a Ransomware Attack a HIPAA Breach? - 02/02/2017

It is if the ransomware attack encrypts electronic protected health information. Here’s what you need to do.


HIPAA Audit, Phase 2: Are You in Compliance? - 02/02/2017

The federal government has begun its Phase 2 HIPAA Audit Program. The program aims to assess compliance with a wide array of HIPAA Privacy, Security, and breach notification rules.


Return-to-Work or -School Releases and HIPAA - 01/27/2017

Is it necessary to have an authorization signed by the patient or parent for a return-to-work or return-to-school release?


Phishing Email Poses as OCR HIPAA Audit Notification - 12/19/2016

A new phishing scam targeting HIPAA-covered entities might fool you into thinking that email you receive is an official communication from the U.S. Office for Civil Rights.


HHS Warns of HIPAA Email Phishing Scam - 12/16/2016

The U.S. Department of Health & Human Services (HHS) Office for Civil Rights (OCR) recently warned covered entities and their business associates about an email that disguises itself as an official communication from HHS. The email, commonly known as a phishing email, prompts recipients to click a link regarding possible inclusion in the HIPAA Privacy, Security, and Breach Rules Audit Program, and directs individuals to a nongovernmental website marketing a firm's cybersecurity services.


Requests for Records Must Be in Writing - 12/06/2016

Can we require all requests for copies of medical records be in writing, even though HIPAA says we must honor oral requests?