Posted in HIPAA

HIPAA

Why Employers Need to Carefully Approach Employee Healthcare Data

By Kirk J. Nahra, CIPP/US

The recent controversy about AOL CEO Tim Armstrong’s comments on employee healthcare expenses reflects ongoing confusion about the actual and appropriate rules for employers and the protections for employees concerning their health care information. As employers become more involved in the overall management of employee wellness and overall healthcare expenditures, this confusion is likely to remain. Employers need to very carefully consider their approach to employee healthcare information and how they will act effectively and intelligently in this controversial and risky area.

More from Kirk J. Nahra

Opinion

Old School Privacy is Dead, But Don’t Go Privacy Crazy

By Stanley W. Crosley, CIPP/US, CIPM
Image from “Redneck Crazy” video by Tyler Farr

When I have the occasion to drive the kids to school, our music selections range almost as widely as our breakfast choices—some Christian, some country and some 80s, to which I alone know the lyrics. Recently, a particularly funny, somewhat concerning country song, “Redneck Crazy” by Tyler Farr, caught my attention. The song includes the following line, “You done broke the wrong heart baby ... drove me redneck crazy.”

More from Stanley W. Crosley

Healthcare Privacy

On Where Health IT and Privacy Meet

By K Royal, CIPP/US, CIPP/E

The Eighth Annual National Health IT Week kicks off today with the slogan, “One Voice. One Vision: Transforming Health and Care.” This honorary week has been created by the Healthcare Information and Management Systems Society (HIMSS). HIMSS seems to lead efforts similar to the IAPP, even if the mission is different, and there is no doubt that our membership overlaps. HIMSS states that last year, more than 250 organizations participated in the week’s activities while also being recognized by President Obama and the U.S. Senate.

More from K Royal

From the Tool Belt

Moving Past the New HIPAA Rules

By Kirk J. Nahra, CIPP/US

So, you’re a HIPAA covered entity or business associate who is in the final throes of revamping (or creating) appropriate and compliant HIPAA privacy and security policies. And, you finally think you are getting a handle on all the changes required by the new HITECH components of the HIPAA rules. And, boy, it’s been some work. So, you’re good for a while, right?

Not really. While the HIPAA privacy and security rules occupy the primary attention for healthcare entities and their business associates, there is a wide range of other privacy and security practices, rules, laws and regulations that must be met—and the laundry list is evolving almost constantly.

More from Kirk J. Nahra

Opinion

Why the New Senator Markey May Be the Most Influential Privacy Congressman in History

By Peter Swire, CIPP/US

Edward Markey, elected tonight to the Senate in a special election in Massachusetts, is quite possibly the most influential member of the House of Representatives in the history of privacy legislation.

Markey has been involved in countless privacy issues since he came to the House in 1976, as part of the post-Watergate generation of reformers in Washington. For the past decade, he has been the Democratic co-chair with Republican Joe Barton of the Privacy Caucus in the House.

More from Peter Swire

From the Toolbelt

What Should You Do If You Receive an Investigatory Letter From the OCR?

By K Royal, CIPP/US, CIPP/E

Opening mail still carries the potential of discovering a treasure. Unfortunately for many organizations, the envelope may contain unpleasant information, namely an investigatory letter from the Office for Civil Rights (OCR), the entity that enforces the Health Insurance Portability and Accountability Act (HIPAA).

More from K Royal