General

The Health Insurance Portability and Accountability Act (HIPAA) forms the backbone of healthcare data protection in the United States. For lawyers and Juris Doctor (JD) holders who work with or aspire to work with healthcare clients, understanding HIPAA is no longer optional—it’s a strategic necessity. One of the most comprehensive ways to gain this expertise is by obtaining the HIPAA Certification of Certified HIPAA Privacy Security Expert (CHPSE). This article explores why lawyers and legal professionals should consider CHPSE training and how it can elevate their careers, expand their service offerings, and ensure compliance in a highly regulated field. The CHPSE [...]

Following is one of the frequently asked questions over the phone: I have been given additional responsibility for acting as a HIPAA compliance officer for my company. I am not an IT professional, so which course will be right for me, and why? Congratulations on your new role as a HIPAA Compliance Officer! As you embark on this critical responsibility, you must ensure you're well-prepared with the proper knowledge and training to help your organization comply with HIPAA regulations. The role of a HIPAA Compliance Officer involves overseeing the protection of Protected Health Information (PHI), managing security policies, conducting staff training, [...]

Starting a career as a medical courier requires more than driving skills. To ensure safety and compliance, couriers need specialized training in specimen handling, biohazard safety, and patient privacy. Key certifications include OSHA Hazard Communication, Bloodborne Pathogens, and HIPAA Privacy and Security for handling sensitive information. Additional training in Cybersecurity Awareness, Fire Safety, and Workplace Conduct further enhances professionalism and compliance. These credentials reduce risks, protect patient data, and build trust with healthcare providers. By completing the right training, medical couriers can improve employability and play a vital role in accurate, secure specimen transportation across labs and clinics. These trainings [...]

In today's landscape of increasing cyber threats and breaches involving electronic protected health information (ePHI), it's crucial for HIPAA-covered entities and their business associates (collectively known as "regulated entities") to prioritize not only the digital but also the physical security of their ePHI. While much attention is given to safeguarding against digital breaches caused by hacking, malware, or ransomware, the physical security of facilities housing ePHI can sometimes be overlooked. However, ensuring the confidentiality, integrity, and availability of ePHI requires vigilant protection of the physical premises where this data is stored. Recent studies reveal a concerning gap in security priorities: only [...]

Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced the imposition of a civil monetary penalty of $115,200 on American Medical Response (AMR), a provider of emergency medical services nationwide. This penalty resulted from an investigation triggered by a complaint that AMR had failed to provide a patient with timely access to their medical records. Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule, individuals or their personal representatives are entitled to timely access to their health information within 30 days, with a potential extension of another 30 days, for [...]