What Your Attorney Didn’t Tell You about Your New Healthcare Practice

What Your Attorney Didn’t Tell You about Your New Healthcare Practice

Do you have a HIPAA plan? A corporate compliance plan? You might be surprised to learn that your new healthcare practice is not up-to-par when it comes to healthcare regulations. Here are four common healthcare startup mistakes that your startup attorney may have overlooked. Launching a new healthcare practice involves a long list of legal...

read more

Legal Risks of Sharing Patient Photos in Dermatology & Cosmetic Surgery

Legal Risks of Sharing Patient Photos in Dermatology & Cosmetic Surgery

Just because your peers feature before-and-after photos in their marketing doesn’t mean that it’s legally compliant. Learn the risks of sharing patient photos and how you can stay on the right side of HIPAA and your state laws. Testimonials from real patients are some of the most compelling marketing tools available. For that reason, and...

read more

Mouth Open, Lips Sealed: 5 Five HIPAA Tips for Dentists

Mouth Open, Lips Sealed: 5 Five HIPAA Tips for Dentists

Keep your dental practice HIPAA compliant by enacting policies that protect your patients’ information against data breaches. If you are a dentist, you already understand the importance of HIPAA’s mandate that you safely store and protect your patients’ personal health information (PHI). While the main goal of HIPAA is to keep patients’ private information secure,...

read more

You’ve Been Served: A Mental Health Provider’s Guide to Records Requests

You’ve Been Served: A Mental Health Provider’s Guide to Records Requests

Received a subpoena or court order for confidential information? We untangle some of the issues around releasing your therapy patient’s records. Mental health providers engage with highly confidential health information on a daily basis. From our experience, psychiatrists and therapists also tend to be sensitive to the information in their patient records and very HIPAA-literate. ...

read more

“Don’t Tell My Mom”: A Guide to HIPAA Compliance for Minor Patients

“Don’t Tell My Mom”: A Guide to HIPAA Compliance for Minor Patients

As a healthcare provider, when a minor patient approaches you and pleads, “Don’t tell my mom,” abiding by your patient’s wishes is anything but simple. In fact, HIPAA offers no protection to minors and requires healthcare providers to release a minor patient’s medical records to the child’s parent or guardian when requested. This guide to...

read more

5 Lessons from the ATI Physical Therapy HIPAA Breach

5 Lessons from the ATI Physical Therapy HIPAA Breach

Earlier this month, ATI Physical Therapy in Illinois submitted a HIPAA breach notification to the U.S. Department of Health and Human Services. An IT-related breach compromised the protected health information (“PHI”) of 35,136 patients.  In January, ATI discovered that some employees’ direct deposit information had been altered, and it subsequently launched a forensic investigation into...

read more

Why your Notice of Privacy Practices alone doesn’t satisfy your HIPAA obligations

Why your Notice of Privacy Practices alone doesn’t satisfy your HIPAA obligations

We hear this question a lot. “I already have a Notice of Privacy Practices. Does that mean I don’t need the HIPAA policy you mentioned?” And the answer is always, without exception, a resounding no. A Notice of Privacy Practices document is not a substitute for written privacy policies and procedures, nor is it sufficient to satisfy...

read more

How to Ensure Your Texts & Emails Don’t Violate HIPAA: Connor Jackson guest blogs for WebPT

How to Ensure Your Texts & Emails Don’t Violate HIPAA: Connor Jackson guest blogs for WebPT

Patients and providers alike are relying upon text messages, social media, and email to communicate with or about patients’ healthcare. But this often places patients’ personal health information at risk, and these forms of communication may put providers in HIPAA’s crosshairs. Check out partner Connor Jackson’s latest guest blog for WebPT, and learn 10 tips...

read more

Failure to notify patients of privacy breach: Illinois hospital settles for $475k

Failure to notify patients of privacy breach: Illinois hospital settles for $475k

The U.S. Department of Health and Human Services, Office for Civil Rights, settled with a healthcare system for its untimely reporting of a breach of its unsecured, private health information. Presence Health has agreed to pay $475,000 and implement a corrective action...

read more