Legal Risks of Sharing Patient Photos in Dermatology & Cosmetic Surgery

Legal Risks of Sharing Patient Photos in Dermatology & Cosmetic Surgery

Testimonials from real patients are some of the most compelling marketing tools available. For that reason, and because of the ubiquity with which potential patients ask about your results, it is common for your success stories to adorn your dermatology or cosmetic surgery practice’s website. Powerful before-and-after photos of a dermatological or aesthetic transformation build...

read more

Mouth Open, Lips Sealed: 5 Five HIPAA Tips for Dentists

Mouth Open, Lips Sealed: 5 Five HIPAA Tips for Dentists

If you are a dentist, you already understand the importance of HIPAA’s mandate that you safely store and protect your patients’ personal health information (PHI). While the main goal of HIPAA is to keep patients’ private information secure, it is equally important to take proactive steps to prevent potential breaches of data and unauthorized access...

read more

You’ve Been Served: A Mental Health Provider’s Guide to Records Requests

You’ve Been Served: A Mental Health Provider’s Guide to Records Requests

Mental health providers engage with highly confidential health information on a daily basis. From our experience, psychiatrists and therapists also tend to be sensitive to the information in their patient records and very HIPAA-literate.  For these reasons, a police request or court order for patient records can be stressful and confusing. Who has the right...

read more

“Don’t Tell My Mom”: A Guide to HIPAA Compliance for Minor Patients

“Don’t Tell My Mom”: A Guide to HIPAA Compliance for Minor Patients

As a healthcare provider, when a minor patient approaches you and pleads, “Don’t tell my mom,” abiding by your patient’s wishes is anything but simple. In fact, HIPAA offers no protection to minors and requires healthcare providers to release a minor patient’s medical records to the child’s parent or guardian when requested. This guide to...

read more

5 Lessons from the ATI Physical Therapy HIPAA Breach

5 Lessons from the ATI Physical Therapy HIPAA Breach

Earlier this month, ATI Physical Therapy in Illinois submitted a HIPAA breach notification to the U.S. Department of Health and Human Services. An IT-related breach compromised the protected health information (“PHI”) of 35,136 patients.  In January, ATI discovered that some employees’ direct deposit information had been altered, and it subsequently launched a forensic investigation into...

read more

Why your Notice of Privacy Practices alone doesn’t satisfy your HIPAA obligations

Why your Notice of Privacy Practices alone doesn’t satisfy your HIPAA obligations

We hear this question a lot. “I already have a Notice of Privacy Practices. Does that mean I don’t need the HIPAA policy you mentioned?” And the answer is always, without exception, a resounding no. A Notice of Privacy Practices document is not a substitute for written privacy policies and procedures, nor is it sufficient to satisfy...

read more

How to Ensure Your Texts & Emails Don’t Violate HIPAA: Connor Jackson guest blogs for WebPT

How to Ensure Your Texts & Emails Don’t Violate HIPAA: Connor Jackson guest blogs for WebPT

Patients and providers alike are relying upon text messages, social media, and email to communicate with or about patients’ healthcare. But this often places patients’ personal health information at risk, and these forms of communication may put providers in HIPAA’s crosshairs. Check out partner Connor Jackson’s latest guest blog for WebPT, and learn 10 tips...

read more

Failure to notify patients of privacy breach: Illinois hospital settles for $475k

Failure to notify patients of privacy breach: Illinois hospital settles for $475k

The U.S. Department of Health and Human Services, Office for Civil Rights, settled with a healthcare system for its untimely reporting of a breach of its unsecured, private health information. Presence Health has agreed to pay $475,000 and implement a corrective action...

read more

Life insurance company settles HIPAA breach for $2,200,000​​​​​​​

Life insurance company settles HIPAA breach for $2,200,000​​​​​​​

The U.S. Department of Health and Human Services announced a HIPAA settlement after MAPFRE Life Insurance Company of Puerto Rico disclosed unsecured electronic protected health information...

read more