Subscription Required

Only paid subscribers* to Report on Patient Privacy can access this Web portal with three years of back issues, searchable article archives and other valuable resources.

Subscribers to Report on Patient Privacy receive

  1. Report on Patient Privacy, AIS’s industry-leading monthly newsletter, a copy of which will be mailed to you and posted — along with searchable archives of past articles and a convenient library with PDFs of back issues — on the subscriber-only website.
  2. Access to the industry’s most exhaustive HIPAA privacy and security website, which features:
    • 31 detailed narrative sections of guidance written by experts on every HIPAA compliance topic from A to Z. These exhaustive treatments are packed with sample forms, policies, procedures, decision trees and other practical tools you can adapt to your privacy and security compliance programs ... and it’s updated regularly.
    • Links to critical government documents required for compliance with privacy and security regulations and other related federal requirements.
    • Special E-Alerts when timely news breaks
    • Searchable archives of the monthly newsletter Report on Patient Privacy.
    • Recent stories of interest and hot topic articles grouped for convenient reading, and
    • Regular postings from your editor.
View a sample and get more information
April 2014

Recent Stories of Interest

From Report on Patient Privacy - A $4.125 million settlement has been reached in a class action case against Stanford University Hospital and Clinics and two business associates (BAs), the second multi-million dollar settlement in the last six weeks in which patients who have not claimed to have suffered harm from a breach of protected health information (PHI) will receive payments nonetheless. The two cases, which center on incidents in 2009 and 2011, are reinforcing the need for cyber liability insurance to cover costs associated with this kind of litigation (see story, p. 7). Read more

Skagit County in Washington state was so lacking in basic HIPAA compliance… Read more

New guidance on what covered entities (CEs) may disclose about patients receiving… Read more

The HHS Office for Civil Rights (OCR) may or may not audit… Read more

From the Editor

Welcome to your Report on Patient Privacy subscriber-only Web page

Be sure to visit often, for PDFs of issues, article archives, narrative sections by privacy and security experts, and more!

Please e-mail me with your comments on the last issue of Report on Patient Privacy, story ideas for future issues, or any other suggestions you have that can make the newsletter more useful for you.


RPP subscribers can now access an extensive report with all the details of the new HIPAA/HITECH regulations, prepared by RPP Editor Francie Fernald. This report summarizes the amendments to the regulatory language and highlights the clarifications that HHS discusses in the preamble to the rule. It has two parts:

  1. Revisions to the breach notification rules, and
  2. Revisions to the HIPAA privacy and security rules and the HHS OIG enforcement rules mandated by the HITECH Act.

Click here to read the report (PDF file).

April 1, 2014
Security Risk Assessment Tool Now Available

The Office of the National Coordinator for Health Information Technology, Office for Civil Rights, and the HHS Office of the General Counsel have developed a downloadable Security Risk Assessment Tool to help covered entities and business associates conduct a risk assessment. Videos and a user guide are available to learn how to use the tool. The tool is compatible with the iPad and Windows and also is available in paper.

February 24, 2014
March 1 Is Deadline for Breach Reporting

Just a reminder that covered entities must notify HHS by March 1 of breaches of unsecured PHI discovered in 2013 affecting fewer than 500 individuals. A separate form must be completed and submitted electronically for every breach that was discovered during the calendar year. Click here for the instructions and form.

February 3, 2014
CMS/HHS Release Final Rule on Patients’ Access to Test Reports

This final rule amends the CLIA regulations and the HIPAA Privacy Rule to allow CLIA laboratories to give patients' direct access to their own completed test reports. The rule will be published in the Feb. 6 Federal Register.

Updated Regularly

Featured Hot Topics

Search for your own Hot Topics

It's quick and easy to sign up for FREE access to AISHealth.com!

Why do I need to register?