Privacy Officer's Roundtable

Latest Discussion Posts

  • Hi: If you are an Epic user, do you consider Care Everywhere records to be part of your organization's designated record set? Based on HIPAA's definition of designated record set copied below, I think the answer is contingent on whether an organization ...

  • If it is for treatment, why do you need an authorization? ------------------------------ [Deborah] [Dabbs] [MBA, CHC,CHPC, CHRC, MT(ASCP)SM] [Compliance/Privacy Officer] [Seminole Hospital District] [Seminole],[Texas] ------------------------------

  • You'll need to look at your ROI policy and ask around. There could be multiple stakeholders at your organizations involved in ROI beyond the HIM Department or a third party processor. I would start there and then see if the policy is being followed. ...

  • Depends on their job duties. Why were those files there? Look at your state data breach laws. ------------------------------ Brenda Manning J.D., C.H.C., C.H.P.C. Privacy Director Privacy Officer Carilion Clinic The views expressed herein are my own ...

  • Hmmmm....was the employee's saving of the information you described part of the employee's assigned roles and responsibilities?  Was the employee using the company owned PC for non-work or personal reasons? Posted: 3:47 AM AZ time ------------------------------ ...