Contact Us
Subscribe to this blog via RSS
Join us on LinkedInCategories
- Data Privacy
- Kentucky Consumer Data Protection Act
- Department of Health and Human Services' Office of Civil Rights
- Medical Residents
- DEI
- Medical Cannabis
- SB 47
- Workplace Violence
- Assisted Living Facilities
- EMTALA
- FDA
- Reproductive Rights
- Roe v. Wade
- SCOTUS
- Medical Spas
- medical billing
- No Surprises Act
- Mandatory vaccination policies
- Workplace health
- Coronavirus Aid, Relief and Economic Security Act
- Code Enforcement
- Department of Labor ("DOL")
- Employment Law
- FFCRA
- CARES Act
- Nursing Home Reform Act
- Acute Care Beds
- Clinical Support
- Coronavirus
- COVID-19
- Emergency Medical Services
- Emergency Preparedness
- Families First Coronavirus Response Act
- Family and Medical Leave Act (“FMLA”)
- KBML
- medication assisted therapy
- SB 150
- Department of Health and Human Services
- Legislative Developments
- Corporate
- United States Department of Justice ("DOJ")
- Employee Contracts
- Non-Compete Agreement
- Opioid Epidemic
- Sexual Harassment
- Health Resource and Services Administration
- House Bill 333
- Litigation
- Medical Malpractice
- Senate Bill 79
- Locum Tenens
- Physician Prescribing Authority
- Senate Bill 4
- "Two Midnights Rule"
- 340B Program
- Chronic Pain Management
- HIPAA
- Hospice
- Kentucky minimum wage
- Minimum wage
- Prescription Drugs
- Skilled Nursing Facilities (“SNFs”)
- Uncategorized
- Affordable Insurance Exchanges
- Drug Screening
- EHR Systems
- Electronic Health Records (“EHR")
- Fraud
- Health Care Fraud
- HIPAA Risk Assessment
- ICD-10
- KASPER
- Mental Health Care
- Office for Civil Rights ("OCR")
- Primary Care Physicians ("PCPs")
- Stark Laws
- Urinalysis
- Accountable Care Organizations (“ACO”)
- Affordable Care Act
- Alternative Payment Models
- Anti-Kickback Statute
- Centers for Medicare & Medicaid Services (“CMS”)
- Certificate of Need ("CON")
- Charitable Hospitals
- Compliance
- Data Breach
- Department of Health and Human Services (HHS)
- Electronic Protected Health Information (ePHI)
- False Claims Act
- Federally Qualified Health Centers (“FQHCs”)
- Fee for Service
- Health Information Technology for Economic and Clinical Health Act (HITECH Act)
- Health Insurance Portability and Accountability Act of 1996 (HIPAA)
- Health Professional Shortage Area ("HPSA")
- Hospitals
- HPSA
- HRSA
- Kentucky Board of Medical Licensure
- Kentucky’s Department for Medicaid Services
- Limited Services Clinics
- Medicaid
- Medical Staff By-Laws
- Medically Underserved Area ("MUA")
- Medicare
- Mid-Level Practitioners
- Office of Inspector General of the United States Department of Health and Human Services (OIG)
- Part D
- Patient Protection and Affordable Care Act (“ACA”)
- Pharmacists
- Physician Assistants
- Qui Tam
- Rural Health Centers (“RHCs”)
- Rural Health Clinic
- Telehealth
- American Telemedicine Association (“ATA”)
- Criminal Division of the Department of Justice (“DOJ”)
- Health Care Fraud Prevention and Enforcement Action Team (“HEAT”)
- Hydrocodone
- Kentucky Board of Nursing
- Kentucky Pharmacists Association
- Qualified Health Care Centers (“FQHC”)
- Telemedicine
- United States ex. Rel. Kane v. Continuum Health Partners
- Webinar
- Agreed Order
- All-Payer Claims Database ("APCD")
- APRNs
- Chain and Organization System (“PECOS”)
- Chiropractic services
- Clinical Laboratory Improvement Amendments of 1988 (“CLIA”)
- Douglas v. Independent Living Center of Southern California
- Drug Enforcement Agency ("DEA")
- Emergency Rooms
- Enrollment
- Hinchy v. Walgreen Co.
- Jimmo v. Sebelius
- Kentucky Senate Bill 7
- Maintenance Standard
- Medicare Part D
- Minors
- Ophthalmological services
- Overpayments
- Physician Compare website
- Re-validation
- Texting
- Vitas Innovative Hospice Care
- "Plan of Correction"
- 2014 Medicare Physician Fee Schedule (“PFS”)
- 501(c)(3)
- Affinity Health Plan
- Appeal
- Arbitration
- Cadillac tax
- Centers for Disease Control and Prevention
- Chronic Care Management
- Community health needs assessment (“CHNA”)
- Compliance Officer
- Compounding
- Condition of Participation ("CoP")
- CPR
- Daycare centers
- Denied Claims
- Department of Medicaid Services’ (“DMS”)
- Dispenser
- Division of Regulated Child Care
- Drug Quality and Security Act (“DQSA”)
- Employer Mandate
- Essential Health Benefits
- Federation of State Medical Boards (“FSMB”)
- Food and Drug Administratio
- Form 4720
- Grace Period
- Health Professional Shortage Areas (“HPSA”)
- HealthCare.gov
- Home Health Prospective Payment System
- Home Medical Equipment Providers
- Hospitalists
- House Bill 3204
- ICD-9
- Individual mandate
- Inpatient Care
- Intermediate Sanctions Agreement
- Kentucky Health Benefit Exchange
- Kentucky Medical Practice Act
- Kindred v. Cherolis
- Kynect
- Licensure Requirements
- LLC v. Sutter
- Long-term care communities
- Long-Term Care Providers ("LTC")
- Low-utilization payment adjustment ("LUPA")
- Medicare Shared Saving Program (MSSP)
- Mobile medical applications ("apps")
- Model Policy for the Appropriate Use of Social Media and Social Networking in Medical Practice (“Model Policy”)
- National Drug Code ("NDC")
- National Institutes of Health
- Network provider agreement
- New England Compounding Center ("NECC")
- Nonprofit hospitals
- Nonroutine medical supplies conversion factor (“NRS”)
- Outsourcing facility
- Payors
- Personal Service Entities
- Physician Payments
- Physician shortages
- Ping v. Beverly Enterprises
- Power of Attorney ("POA")
- Prescriber
- Qualified Health Plan ("QHP")
- Quality reporting
- Social Media
- Spousal coverage
- State Health Plan
- Statement of Deficiency ("SOD")
- Sustainable Growth Rate (“SGR”)
- Upcoding
- UPS
- “Superuser”
- Advanced Practice Registered Nurses
- Audit
- Autism/ASD
- Business Associate Agreements
- Business Associates
- Call Coverage
- Compliance Programs
- Decertification
- Doe v. Guthrie Clinic
- EHR vendor
- Employer Group Health Plans
- ERISA
- Fair Labor Standards Act (FLSA)
- False Billings
- Genetic Information Nondiscrimination Act ("GINA")
- Group Purchasing Organizations ("GPO")
- Health Reform
- House Bill 104
- Kentucky House Bill 159
- Kentucky House Bill 217
- Kentucky Primary Care Centers (“PCCs”)
- Licensed practical nurses (LPN)
- List of Excluded Individuals and Entities
- Managed Care Organizations (“MCOs”)
- Meaningful use incentives
- Medicare Administrative Coordinators
- Medicare Audit Improvement Act of 2012
- Medicare Benefit Policy Manual
- Nurse practitioners (NP)
- Office of the National Coordinator for Health Information Technology (“ONC”)
- Part A
- Part B
- Patient Autonomy
- Patient Privacy
- Personal Health Information
- Provider Self Disclosure Protocol
- Recovery Audit Contractors (“RAC”)
- Registered nurses (RN)
- Self-Disclosure Protocol
- Senate Bill 39
- Senate Finance Committee Report
- State Medicaid Expansion
- Trade Association Group Coverage
- Abuse and Waste
- Center for Disease Control
- Consumer Operated and Oriented Plan programs (“CO-OPS”)
- Critical Access Hospitals (“CAHs”)
- Essential Health Benefits (“EHBs”)
- Free Conference Committee Report
- Health Care Fraud and Abuse Control Program
- Healthcare Information and Management Systems Society (HIMSS)
- House Bill 1
- House Bill 4
- Kentucky Cabinet for Health and Family Services
- Kentucky Health Care Co-Op
- Kentucky Health Cooperative (“KYHC”)
- Kentucky “Pill Mill Bill”
- Occupational Safety and Health Administration (“OSHA”)
- Pain Management Facilities
- Small Business Health Options Program (“SHOP”)
- Sunshine Act
- Employee Agreement
- Health Care Law
- Health Insurance
- Healthcare Regulation
McBrayer Blogs
Showing 25 posts in Electronic Protected Health Information (ePHI).
Doe v. Guthrie Clinic, Ltd.: A New Privacy Battleground?
Most health care providers are aware of the significant liability implications of a breach of protected health information, including, in some cases, the cost of issuing a breach notification to affected individuals. Providers have not, however, faced significant liability from patient lawsuits filed directly against a hospital or medical practice for damages arising from a breach of confidentiality. The reason is that patients face an uphill battle when suing a hospital or medical practice directly because most laws that protect patient information, including HIPAA, do not provide a private right of action for patients to sue the provider. More >
HHS Issues Final HIPAA/HITECH Rule
The United States Department of Health and Human Services (“HHS”) issued its Final Rule modifying the requirements of the Health Insurance Portability and Accountability Act (“HIPAA”) privacy and security regulations pursuant to the Health Information Technology for Economic and Clinical Health Act (“HITECH”) on January 17, 2013. The Final Rule strengthens the privacy and security requirement of HIPAA governing protected health information (“PHI”) and gives HHS greater enforcement authority to police violations of the privacy and security requirements. The Final Rule will require health care providers and their business associates to re-evaluate their HIPAA compliance policies and procedures to avoid potential liability for violations of HIPAA requirements. More >
THE “WILD WILD WEST” OF SMS
SMS text messaging is quickly becoming the preferred method of communication for many people who find it a quick and convenient way to share information with friends, family and, increasingly, with colleagues. This is true in the health care space as well with patients increasingly using text messaging to communicate with providers and to receive health-related reminders and updates, including for health care appointments, medication therapies and health news. For example, anyone can text the word HEALTH to 87000 and begin receiving text messages from the Center for Disease Control regarding emergency alerts, new research and reports, as well as health information and tips. More >
Is a Cloud Vendor a Business Associate?
Before a covered entity can use cloud storage for ePHI, the covered entity must enter into a business associate agreement (BAA) with the cloud vendor.[i] It seems that there is some uncertainty surrounding this requirement, with some cloud vendors taking the position that a BAA is unnecessary for passive storage of ePHI or that they qualify for an exception under HITECH Act as a personal health records vendor. More >
IS HIPAA IN THE CLOUDS?
Virtual or “cloud” data storage is an increasingly popular method for storing data electronically in a safe and yet conveniently accessible manner that may also represent a cost savings over traditional onsite data storage options. Health care providers, including hospitals, pharmacies and physicians, have been slow to avail themselves of the benefits of “cloud computing” due in part to concerns about whether the cloud offers the rigorous privacy and security safeguards required for storing electronic protected health information (ePHI) under Federal and State privacy laws, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH Act) and implementing regulations. More >
