The HITECH section of the American Recovery and Reinvestment Act (ARRA) added privacy and security requirements that providers of health care services must follow in handling the Protected Health Information (PHI) of those they treat over and above those provided for in HIPAA. HIPAA allowed PHI to be exchanged for treatment and operations without patient [...]
I have recently noticed several pieces of news that I thought would be of interest to providers of behavioral health services and others. 1. The National Council Public Policy Update of April 8, 2010 pointed out an important change in timely filing requirements for Medicare claims: Requirements of the Patient Protection and Affordable Care Act makes (sic) [...]
During the past two weeks, I have spent several hours creating process diagrams or flow charts for a customer. After using our billing software and a custom attendance/reporting module we created for them in 2003 but maintaining paper clinical records, they are now implementing a custom Forms module and preparing to implement our behavioral health electronic [...]
Consider a couple of nightmares that might easily come true: 1. Your laptop, with a variety of documents and files containing confidential, protected health information on its hard drive, is stolen from your car, hotel, or disappears while you are traveling. 2. Your office is burglarized and all the desktop computers, as well as a [...]
Most every week I have a call from my credit card company’s security department to see if the recent activity on our account is actually ours. We used to get these calls maybe a couple of times a year, but now it is literally weekly. A while back our credit card processor for SOS transactions [...]
I checked my email on Sunday night to find two new requests for “friend” status on my Facebook page…one was from a customer, the other was from my mother-in-law. The juxtaposition of requests brought directly home the conflict and confusion that some folks are having about use of the social media sites. Is your use [...]
A question on one of the psychology listservs I follow got me thinking, yet again, about data security…and backup. The writer asked about the proper procedures to follow when patient psychotherapy treatment records are permanently lost. The question pertained to how the counselor in question should respond to the loss of all of their patient [...]
I was all set to write an article Monday morning on the expanded privacy and security requirements in the American Recovery & Reinvestment Act of 2009 (ARRA) when I remembered that I was registered for a webinar presented by FairWarning (a privacy surveillance company) Monday afternoon on just that subject. I am really glad I waited to write, because [...]
Running a mental health practice or community organization is a demanding endeavor and probably gets in the way of reading some of the huge volumes of info out there. I just thought I would share some quick bits and pieces of information you might find useful. 1. ICD-10 Update: Last October 31, I posted information about an October 2011 [...]
Standard advice for securing computer systems is to require users to change passwords frequently. Something about this recommendation has always bothered me, but I never really thought it through. A current blog posting at Healthcare Informatics by Dale Sanders really hits the nail on the head. He points out that these change-passwords-frequently policies actually undercut password security [...]
