HIPAA IT Pitfalls to Avoid in 2015Understanding Compliance & Exceptions
Brad Spannbauer
Director, Product Development
eFax Corporate®
The information provided in this presentation does not constitute, and is no substitute for, legal or other professional advice. We strongly encourage you to consult your own legal or other professional advisors for individualized guidance regarding the application of the law to your particular situations, and in connection with any compliance-related concerns.
Today’s Agenda
• 7 common incorrect HIPAA assumptions
• Putting it all together:– The Conduit Exception
– The BAA: Does it transfer your responsibility?
– The Encryption requirement
• So, are you compliant or not?
• Q & A
HIPAA Misconception #4:
Our corporate policies restrict access to
PHI… so we’re in compliance. Right?
HIPAA Misconception #5:
We use an in-house fax server, so our transmissions
are… secure behind our firewall. Right?
HIPAA Misconception #6:
Our EHR system has a well-documented audit trail…
so a document-sharing policy would be redundant.
Right?
HIPAA Misconception #7:
Our email provider offers TLS encryption…
so we’re secure sending email
attachments. Right?
Next Steps
• Read “7 HIPAA Compliant Assumptions”http://www.hitechanswers.net/7-hipaa-compliant-assumptions-can-trip/
• Whitepaper: “Is Cloud-based Faxing Right for You?”
• 30 day free trial offer.