Category: HIPAA Information


No Business Associates Agreement? $31K Mistake

Posted by kentuckyrec in HIPAA Information. No Comments

25th April

From the HHS Office of Civil Rights on April 20, 2017: No Business Associate Agreement? $31K Mistake

The Center for Children’s Digestive Health (CCDH) has paid the U.S. Department of Health and Human Services (HHS) $31,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule and agreed to implement a corrective action plan. CCDH is a small, for-profit health care provider with a pediatric subspecialty practice that operates its practice in seven clinic locations in Illinois.

In August 2015, the HHS Office for Civil Rights (OCR) initiated a compliance review of the Center for Children’s Digestive Health (CCDH) following an initiation of an investigation of a business associate, FileFax, Inc., which stored records containing protected health information (PHI) for CCDH. While CCDH began disclosing PHI to Filefax in 2003, neither party could produce a … Read More »


Kentucky REC FREE HIPAA Security Webinar – April 11

Posted by billpowell in HIPAA Information, News. No Comments

27th March

Register today to learn about your required Security Risk Analysis. Stay compliant!

Please join us for a discussion on HIPAA Security Rule basics and best practices. We will cover tips, tools, and tactics for implementing thorough compliance in 2017.

The Kentucky REC Privacy and Security experts will be hosting a webinar to share the requirements and processes for completing an annual Security Risk Analysis. Our expert panel will discuss the required/addressable standards of the HIPAA Security Rule and defensible steps that practices can take to ensure they are meeting all compliance requirements.  In this conversation our experts will ensure that organizations are equipped with compliance best practices and the most up-to-date methods for completing a Security Risk Analysis. In addition, our experts will cover the Office of Civil Rights (OCR) audit protocols, highlighting how the Office of Inspector General (OIG) concentrates their … Read More »


OCR Publishes Guidance Regarding Audit Controls

Posted by kentuckyrec in HIPAA Information. No Comments

24th January

From HHS OCR Cyber Newsletter:  Understanding the Importance of Audit Controls

Covered Entities and Business Associates should make sure that they appropriately review and secure audit trails, and they use the proper tools to collect, monitor, and review audit trails. Protecting audit logs and audit trails prevent intruders from tampering with the audit records and protecting their integrity. Not safeguarding audit logs and audit trails can allow hackers or malevolent insiders to cover their electronic tracks, making it difficult for Covered Entities and Business Associate to not only recover from breaches, but to prevent them before they happen.

According to the National Institute of Standards and Technology (NIST), audit logs are records of events based on applications, users, and systems, and audit trails involve audit logs of applications, users, and systems. Audit trails’ main purpose is to maintain a record of system … Read More »


CMS Update: QRDA-III Instructions for 2017 ECs Now Available

10th January

The Centers for Medicare & Medicaid Services (CMS) has published Version 0.1 of the 2017 CMS Implementation Guide for Quality Reporting Document Architecture Category III (QRDA-III) Eligible Clinician Programs with schematrons and sample files. As CMS continues to build the submission portal for eligible clinician reporting, ongoing testing and feedback from stakeholders is essential. As part of this process, CMS encourages partners and stakeholders to utilize these tools and provide feedback on an ongoing basis. CMS has made the guide, schematrons and sample files available for a public comment period on the ONC QRDA JIRA Issue Tracker until April 1, 2017. A JIRA account is required to comment. You can find the implementation guide and supplemental documents on the CMS eCQM Library and the Electronic Clinical Quality Improvement (eCQI) Resource Center. Additional information pertaining to eligible clinician reporting can be found on … Read More »


New Healthcare Transformation Survival Seminar in Lexington – January 26

6th October

UPDATE: A LEXINGTON SEMINAR HAS BEEN ADDED ON JANUARY 26TH!

Healthcare Transformation Survival Seminar Series 

Don’t miss this opportunity to take an in-depth look at the Medicare Access and CHIP Reauthorization Act (MACRA) Final Rule and Stage 3 Meaningful Use requirements! This seminar will also cover the latest happenings around Value-Based Payment Models, PQRS and Quality Reporting, HIPAA Privacy & Security, Patient-Centered Medical Home. Lunch will be provided!

This activity has been approved for AMA PRA Category 1 Credit™

Register Now
Dates/Locations

November 18, 2016 – Hazard, KY
Hazard Community & Technical College
First Federal Center, Room 123A
1 Community College Drive
Hazard, KY 41701

December 2, 2016 – Erlanger, KY
St. Elizabeth Training and Education Center
3861 Olympic Blvd
Erlanger, KY 41018

December 8, 2016 – Owensboro, KY
Owensboro Convention Center
501 W 2nd St
Owensboro, KY 42301

January 26,  2017 – Lexington, KY
Embassy Suites
1801 Newtown Pike
Lexington, KY 40511

Registration Fee

Clinicians/Practice Representatives/Non-profit organizations: $25
Vendors and Non-Practice Representatives: $75

Register Now
Partners