Subscription Required

Only paid subscribers* to Report on Patient Privacy can access this Web portal with three years of back issues, searchable article archives and other valuable resources.

Subscribers to Report on Patient Privacy receive

  1. Report on Patient Privacy, AIS’s industry-leading monthly newsletter, a copy of which will be mailed to you and posted — along with searchable archives of past articles and a convenient library with PDFs of back issues — on the subscriber-only website.
  2. Access to the industry’s most exhaustive HIPAA privacy and security website, which features:
    • 31 detailed narrative sections of guidance written by experts on every HIPAA compliance topic from A to Z. These exhaustive treatments are packed with sample forms, policies, procedures, decision trees and other practical tools you can adapt to your privacy and security compliance programs ... and it’s updated regularly.
    • Links to critical government documents required for compliance with privacy and security regulations and other related federal requirements.
    • Special E-Alerts when timely news breaks
    • Searchable archives of the monthly newsletter Report on Patient Privacy.
    • Recent stories of interest and hot topic articles grouped for convenient reading, and
    • Regular postings from your editor.
View a sample and get more information
March 2015

Recent Stories of Interest

From Report on Patient Privacy - While Anthem, Inc. is a HIPAA covered entity (CE) whose massive data breach announced last month will eventually be investigated by the HHS Office for Civil Rights, the Indianapolis-based health plan is already the target of a fast-moving probe by the National Association of Insurance Commissioners (NAIC), which is focusing on its “cybersecurity” practices. Read more

The name Moda Health, Inc. doesn’t appear on the Office for Civil… Read more

Don’t trust; verify. This twist on “trust, but verify” sums up Seattle Children’s… Read more

The compliance official was clearly distraught. A surgeon, already warned, was in… Read more

From the Editor

Welcome to your Report on Patient Privacy subscriber-only Web page

Be sure to visit often, for PDFs of issues, article archives, narrative sections by privacy and security experts, and more!

Please e-mail me with your comments on the last issue of Report on Patient Privacy, story ideas for future issues, or any other suggestions you have that can make the newsletter more useful for you.

RPP subscribers can now access an extensive report with all the details of the new HIPAA/HITECH regulations, prepared by RPP Editor Francie Fernald. This report summarizes the amendments to the regulatory language and highlights the clarifications that HHS discusses in the preamble to the rule. It has two parts:

  1. Revisions to the breach notification rules, and
  2. Revisions to the HIPAA privacy and security rules and the HHS OIG enforcement rules mandated by the HITECH Act.

Click here to read the report (PDF file).

March 2, 2015
Data Theft Numbers Just Continue to Go Up

Medical identify theft is up more than 20% over 2013, and the number of records affected due to hacking incidents is up more than 50%. These are the findings of two recently released studies by the Ponemon Institute and Redspin.

February 20, 2015
March 1 Is Breach Reporting Deadline

Covered entities, if they have not already done so, must file their annual report of breaches that affected under 500 individuals with OCR by March 1. CEs must file a separate breach report for each incident using the OCR breach notification portal.

February 6, 2015
New Portal for Reporting Breaches to OCR

HHS’ Office for Civil Rights has made available a new portal for filing the breach notices required by the HITECH Act. The portal, which works as a “wizard” directing the filing entity through six sections, requires more detailed information than the old portal. Fields such as the beginning and end dates of the breach, which were optional, now are mandatory. The section on “Actions Taken in Response to Breach” has 15 specific actions to select from, but the section "Safeguards in Place Prior to Breach" is more general than before, listing five options regarding compliance with the privacy and security rules, rather than the laundry list of technical safeguards. The portal may be used to report breaches over 500 and breaches under 500.

It's quick and easy to sign up for FREE access to!

Why do I need to register?