A HIPAA Prime client emailed and called us on a Tuesday afternoon to let us know that earlier that day their email had been hacked and a phishing email was sent out to over 1,000 contacts that included clients.  The Total HIPAA Compliance Team immediately called them back to assist.  They had already included their IT Vendor in the investigation. The IT Vendor, the client, and Total HIPAA recapped the situation and then came up with a plan of action.  First, all of the contacts that received the phishing email needed to be contacted immediately to ensure the email was deleted an ..read more

As an insurance agent, you may be wondering how the Health Insurance Portability and Accountability Act (HIPAA) impacts your business. The law aims to protect patient privacy, and as a provider of health insurance plans, you are required to adhere to its guidelines. In this blog post, we will discuss what to expect during a HIPAA risk assessment for insurance agents and how Total HIPAA can support you in this process. Understanding HIPAA Compliance for Insurance Agents Why is HIPAA relevant to insurance agents? Insurance agents often handle sensitive health information when working with client ..read more

Insurance agents who handle protected health information (PHI) are required to comply with the Health Insurance Portability and Accountability Act (HIPAA). One way to ensure compliance is to undergo a HIPAA compliance audit. In this blog post, we’ll discuss what insurance agents need to know about HIPAA compliance audits. HIPAA compliance audits are conducted by the Department of Health and Human Services’ Office for Civil Rights (OCR). The OCR is responsible for enforcing HIPAA regulations, and one of its tasks is to conduct periodic audits of covered entities and business associates. Insuran ..read more

Insurance agents who handle protected health information (PHI) are required to comply with the Health Insurance Portability and Accountability Act (HIPAA). One important aspect of HIPAA compliance is ensuring that all staff members receive appropriate training on HIPAA regulations. In this blog post, we’ll discuss the requirements for HIPAA training for insurance agents and some strategies for providing effective training. HIPAA regulations require that all staff members who handle PHI receive training on HIPAA regulations within a reasonable amount of time after being hired and periodically t ..read more

Are you an insurance agent who handles protected health information (PHI)? If so, you must comply with the Health Insurance Portability and Accountability Act (HIPAA) when it comes to marketing and communications. In this blog post, we’ll cover some essential considerations that insurance agents should keep in mind to ensure HIPAA compliance in their marketing and communications. Keep PHI Confidential and Secure The first thing to remember is to keep PHI confidential and secure. This means avoiding unsecured communication channels like email or social media to communicate PHI with clients or p ..read more

We recently hosted a webinar, “Annual HIPAA Requirements and Security Standards,” in which we discussed annual HIPAA requirements, document review, and the compliance procedures you need to have in place to prevent breaches and pass audits.  In the webinar, we spoke with Rob Chubbuck, an IT expert and educator, about logging, password standards, annual training and document review requirements, the expanding scope of PHI, and more. You can watch the webinar recording here or, if you’d like to read a summary, here are the five most important takeaways you should know about basic annual HIP ..read more

Introduction: As a health insurance agent, understanding the complexities of the Health Insurance Portability and Accountability Act, or HIPAA, is essential. One of the critical aspects of HIPAA is the Business Associate Agreement (BAA).  What is included in a typical Business Associate Agreement? A BAA is a legally binding contract between a Covered Entity (CE) and a Business Associate (BA), which may be an insurance agent. A standard BAA includes the following components: Permitted Uses and Disclosures of PHI: The specific purposed for which the BA can use or disclose Protected Health ..read more

If your organization stores, manages, or processes protected health information (PHI) using Google services, it’s critical that you have a Business Associate Agreement (BAA) with Google. A BAA is a legally binding contract that outlines the responsibilities and obligations of both parties with regard to the handling and protection of PHI. Google offers BAAs for its HIPAA-compliant products and services, including Google Workspace (formerly G Suite), Google Cloud Platform, and Google Meet. To obtain a BAA with Google, your organization must have a paid Google Workspace account, and you must be ..read more

If your organization stores, manages, or processes protected health information (PHI) using Google services, it’s critical that you have a Business Associate Agreement (BAA) with Google. A BAA is a legally binding contract that outlines the responsibilities and obligations of both parties with regard to the handling and protection of PHI. Google offers BAAs for its HIPAA-compliant products and services, including Google Workspace (formerly G Suite), Google Cloud Platform, and Google Meet. To obtain a BAA with Google, your organization must have a paid Google Workspace account, and you must be ..read more

Texts are sent by the majority of people, even multiple times a day. When those texts contain PHI it is vital that they are encrypted. Learn more about what this means for your texts in our first Vlog. By Jason Karn Google+ The post Vlog #1–Encrypting Texts appeared first on Total HIPAA Compliance ..read more