AIS's HIPAA Compliance Center
Web Site Access • Narrative Sections • Monthly Newsletters • Government Documents
Atlantic Information Services, Inc., Washington, D.C. • www.AISHealth.com
HOME
Newsletter Report
on Patient Privacy
Narrative Sections
Privacy
(1) General Privacy Requirements
(2) Preemption of State Law
(3) Getting Organized for Compliance
(4) Gap Analysis and Project Planning
(5) Completing a Risk Assessment
(6) Patients' Rights
(7) Use and Disclosure of PHI
(8) PHI and Research
(9) Safeguarding PHI
(10) Reserved
(11) Employee Education and Training
(12) Marketing and Fundraising
(13) Recordkeeping and Reporting
(14) Privacy Audits
(15) Implications for Employers
 
Security
(16) Overview of the Security Rule
(17) General Framework
(18) Security and Privacy
(19) Security Management
(20) Risk Analysis and Management
(21) Contingency Planning
(22) Contingency Planning, Business Continuity and Disaster Recovery
(23) Workforce, Physicians and Contractors
(24) Training and Education
(25) Reserved
(26) Standards for Physical Safeguards
(27) Standards for Technical Safeguards
(28) Security Auditing and Audit Controls
(29) Data Security Audits
(30) Electronic Signatures
 
Privacy and Security
(40) Selecting and Implementing EHRs/PHRs
(41) Breach Notification Requirements
(42) Business Associates
 
Government Documents
Latest Changes in Web Site
Chronology of All Web Changes
Customer Service
Contact the Editor
 

Latest Changes in Site

August 3, 2010 — Report on Patient Privacy

The August issue of Report on Patient Privacy has been posted.

July 6, 2010 — Report on Patient Privacy

The July issue of Report on Patient Privacy has been posted.

June 1, 2010 — Report on Patient Privacy

The June issue of Report on Patient Privacy has been posted.

May 27, 2010 — Revised Content

Narrative Sections
New Section (42), Business Associates combines Privacy Section (10) and Security Section (25) and adds the HITECH requirements that apply to business associates.

Government Documents
Links have been updated
New documents have been added
Draft Risk Assessment Guidance, OCR
Safeguarding Health Information, OCR, NIST (conference materials)

May 3, 2010 — Report on Patient Privacy

The May issue of Report on Patient Privacy has been posted.

April 1, 2010 — Report on Patient Privacy

The April issue of Report on Patient Privacy has been posted.

March 3, 2010 — Report on Patient Privacy

The March issue of Report on Patient Privacy has been posted.

February 19, 2010 — Revised Content

  • Privacy (6) Patients’ Rights
    • ¶1300 Added cross-references
    • ¶1321 Updated this section to reflect the restrictions on PHI that the covered entity must agree to as of Feb. 17, 2010
    • ¶1329 Updated the policy and procedure on Requesting Restrictions on Uses and Disclosures to state the restrictions the covered entity must comply with
    • ¶1330 Incorporates the HITECH Act’s extension of an individual’s access to PHI to the electronic health record
    • ¶1335 Adds electronic health records to the discussion of fees
    • ¶1350 Updates section with HITECH requirement for accounting of disclosures from electronic health record
    • ¶1353.2 Incorporates the two processes from the HITECH Act that covered entities may use to comply with the EHR accounting for disclosures requirement
    • ¶1360 Updates the individual rights checklist with HITECH requirements
  • Privacy (7) Uses and Disclosures of PHI
    • ¶1529 Updated policy and procedure on use and disclosure of PHI when no payment is involved
    • ¶1530 This new section summarizes the HITECH Act prohibition on selling PHI or electronic health records.

 

 

 

 

   
     

Copyright © 2010 by Atlantic Information Services, Inc. (AIS). All rights reserved.
AIS - 1100 17th Street, NW, Suite 300, Washington, D.C. 20036
Phone 202-775-9008 or 800-521-4323; E-mail customerserv@aispub.com