Archive for October, 2009
HITECH Increases HIPAA Risk
Risk to violators, that is. Be sure to read the new interim final rule posted today. Key to the proposed changes is that the maximum penalty increases 60-fold — to $1.5 million for violations of an idential provision. And a covered entity can no longer bar the penalty unless correction is made within 30 days of discovery.
Read the HHS press release.
Add comment October 30, 2009
Swine Flu and Vendor Credentialing: Part II
Last May in the Swine Flu and Vendor Credentialing post, we highlighted the new reality that a number of customer hospitals were email visiting vendor representatives to new H1N1 precautions. These hospitals relied on their Vendormate registration files for current vendor contact information. Most of these notes were gentle reminders of communicable disease best practices and basically read, “if you’re sick, stay home.”
With H1N1 still with us, hospitals are again alerting visiting representatives to new precautions. Hospitals want to require seasonal flu and H1N1 vaccinations, but know that distribution issues make that impossible. Instead they are requiring the immunizations or a mask when on site.
Most of these customers have adjusted their Vendormate-based program to communicate the shot or mask requirement and to track compliance.
To reinforce the message, Vendormate badges at these hospitals now include a WARNING by the badge photo indicating that a MASK is required if the visiting representative hasn’t yet been able to complete the vaccinations. This message is critical for the hospital staff to be able enforce the requirement quickly and effectively without interfering with the vendor’s business routine.
3 comments October 23, 2009
HHS Breach Notification Form On line
The Hunton & Williams privacy and security blog has been very active recently. It covers a wide range of issues of interest to many industries. Last Friday, they noted that the Department of Health and Human Services had added the on-line form for breach notifications.
For all of you worried about the burden of reporting a breach, take a look at the form. It’s not onerous and should take only a few minutes to complete. Of course, the real issue is having a plan for notifying affected individuals. Unfortunately, that’s not something an online form can handle for you.
2 comments October 6, 2009
