Medcurity Logo
Login

HIPAA Compliance for Hospice and Palliative Care Organizations

HIPAA compliance for multi-location hospitals and hospital networks — Medcurity platform.

HIPAA Compliance for Hospice and Palliative Care Organizations Quick Answer: Hospice and palliative-care organizations face HIPAA challenges that most providers do not: care delivered in patients’ homes, heavy involvement of family and informal caregivers, interdisciplinary teams sharing PHI across settings, and frequent disclosures to clergy, volunteers, and bereavement services. A current Security Risk Analysis plus […]

HIPAA Third-Party Risk Management: Vendor Assessment Best Practices

HIPAA compliance for multi-location hospitals and hospital networks — Medcurity platform.

HIPAA Third-Party Risk Management: Vendor Assessment Best Practices A growing share of healthcare data breaches no longer start inside the provider — they start at a vendor. Billing companies, cloud platforms, EHR hosts, and IT service providers all touch protected health information, and each one extends an organization’s attack surface. That is what makes third-party […]

HIPAA Compliance for Radiology and Imaging Centers

HIPAA compliance for multi-location hospitals and hospital networks — Medcurity platform.

HIPAA Compliance for Radiology and Imaging Centers Radiology and imaging centers handle some of the most data-rich protected health information (PHI) in healthcare. A single CT or MRI study can contain thousands of individual images, and every one of them carries patient identifiers embedded directly in its DICOM metadata header — name, date of birth, […]

HIPAA Compliance for mHealth Apps: Developing Compliant Mobile Health Solutions

HIPAA compliance for multi-location hospitals and hospital networks — Medcurity platform.

HIPAA Compliance for mHealth Apps: Developing Compliant Mobile Health Solutions The first question for any mobile health app is not “how do we make it HIPAA compliant” but “does HIPAA even apply.” That answer is genuinely specific to mHealth and it is not obvious. HIPAA follows the relationship, not the data: an app applies under […]

HIPAA vs FERPA: Compliance for School-Based Health Centers

HIPAA compliance for multi-location hospitals and hospital networks — Medcurity platform.

HIPAA vs FERPA: Compliance for School-Based Health Centers Quick Answer: School-based health centers (SBHCs) sit at the intersection of HIPAA and FERPA, serve minors whose consent rules vary by state, and share space and staff with schools. The key is knowing when records are HIPAA-covered versus FERPA-covered, applying state minor-consent law correctly, and running a […]

HIPAA Compliance for Medical Marijuana Programs and Dispensaries

HIPAA compliance for multi-location hospitals and hospital networks — Medcurity platform.

HIPAA Compliance for Medical Marijuana Programs and Dispensaries Medical marijuana sits in an unusual regulatory position, and the first question for anyone handling its records is deceptively simple: does HIPAA even apply? The answer depends entirely on who is holding the data. A storefront dispensary and a physician who certifies a patient for a state […]

HIPAA and Health Information Exchanges (HIEs): Secure Data Sharing

HIPAA compliance for multi-location hospitals and hospital networks — Medcurity platform.

HIPAA and Health Information Exchanges (HIEs): Secure Data Sharing A Health Information Exchange exists to do the one thing HIPAA spends the most energy governing: move protected health information between organizations that do not share a roof, a network, or a patient-consent form. That is what makes HIE compliance distinct. In a single clinic, PHI […]

HIPAA Compliant Patient Portals: Security Requirements and Best Practices

HIPAA compliance for multi-location hospitals and hospital networks — Medcurity platform.

HIPAA Compliant Patient Portals: Security Requirements and Best Practices A patient portal is unusual among healthcare systems because it deliberately puts protected health information into the hands of people outside your walls. Every other safeguard in HIPAA is about keeping PHI inside a trusted boundary; a portal’s entire purpose is to push lab results, visit […]

HIPAA Compliance for Nonprofit Health Organizations and Free Clinics

HIPAA compliance for multi-location hospitals and hospital networks — Medcurity platform.

HIPAA Compliance for Nonprofit Health Organizations and Free Clinics Quick Answer: Nonprofit health organizations and free clinics are covered entities if they conduct HIPAA-defined transactions electronically. Compliance requirements are the same regardless of organizational size or budget. HHS provides resources specifically for small providers, and scalable solutions like Medcurity make compliance achievable for resource-constrained organizations. […]

HIPAA Compliance for Medical Transcription: Securing Dictated Records

HIPAA compliance for multi-location hospitals and hospital networks — Medcurity platform.

HIPAA Compliance for Medical Transcription: Securing Dictated Records Medical transcription sits at a HIPAA pressure point that other workflows do not: the protected health information is almost always handled by someone outside the practice. Dictated clinical notes are sent to a transcription service, typed up, and returned, which means a provider’s most sensitive narrative records, […]