Entries by Elizabeth Delahoussaye, RHIA, CHPS | Ciox Chief Privacy Officer

Four Things You Can Do to Prepare for the “New” Definition of EHI

The 21st Century Cures Act (“Cures Act”) fundamentally changes the way patients can interact with their health information—and October 6, 2022, is a major milestone. Today, electronic health information (EHI) is limited to the data elements defined as United States Core Data for Interoperability (USCDI), which includes information such as clinical notes, certain patient demographic […]

HIPAA Compliance Lessons Learned from OCR Civil Monetary Penalties

$70,000. That was the amount of one Office of Civil Rights (OCR) Civil Monetary Penalty (CMP) for non-compliance with HIPAA. To date, there have been 20 CMPs issued by OCR. Don’t be the next healthcare provider to be faced with a fine. All it takes is due diligence and a commitment to rigorous compliance. So why […]

No-Cost Quality Improvements: Strategies from Ciox Health

Release of information is a nuanced and innately human process, one in which stakeholders require a deep understanding of quality challenges, trends, and a depth of the commitment to compliance. Through a three-tiered approach including executive awareness, departmental reorganization, and technology enablement, we were able to achieve this understanding and reduce our quality errors by […]

Patient Right of Access: Six lessons learned from some of OCR’s most recent civil monetary penalties

Ease of access. It’s what every patient deserves when it comes to their protected health information. It’s also what’s legally required of covered entities under HIPAA. Yet many healthcare providers—particularly small facilities, physician practices, and behavioral health providers—continue to make mistakes, resulting in thousands of dollars in civil monetary penalties (CMP) from the Office for […]

The 5 T’s of a Best-in-Class HIM Compliance Program

In response to the urgent need to address COVID-19, the Centers for Medicare and Medicaid Services (CMS) has introduced multiple policies to allow providers the flexibility to focus attention on care delivery. One such type of flexibility is the 1335 waiver, which allows CMS to waive sanctions and penalties against a covered hospital for certain […]

Location, location, location – 5 Things to Consider When Evaluating At-home vs. On-site Staff

As we start to see states across the U.S. begin to lift COVID-19 shelter-in-place or self-quarantine directives, our focus will naturally shift to so many unknowns. What is our new normal? What will our organizations look like? How will our teams and staff be impacted? Honestly, we cannot even begin to fully appreciate how many […]

How transparent is your relationship with your business partners?

This is the question that every covered entity should ask themselves on a daily basis. Building and maintaining trust is a key objective for any healthcare provider, or any business for that matter. It’s especially important for entities that hold protected health information (PHI) to craft a compelling message about their security and privacy. As […]