HIPAA Compliance for Visiting Nurses
HIPAA compliance for visiting nurses is the same as for any other medical professional, even though their working environments can be much different and the challenges to HIPAA compliance harder to overcome. This is because a visiting nurse is an employee of medical facility, hospice or other independent visiting nurse service, and is regarded to be a member of a Covered Entity´s workforce. As such, a visiting nurse is not a Business Associate – even though he or she provides a service for the Covered Entity – and is subject to the policies and procedures enforced by the Covered Entity. However, there are unique challenges with regards to HIPAA compliance for visiting nurses working in the community. These challenges primarily concern the disclosure of Protected Health Information (PHI) to people they meet in their working environments and how their patients´ PHI is created, used, stored and shared with other members of the Covered Entity´s workforce. Families and HIPAA Compliance for Visiting Nurses Similar to nurses working in medical centers, visiting nurses have to...
Best Psychiatry EMR
The best psychiatry EMR supports prescribing and medication monitoring, psychiatric assessment and progress note documentation, lab ordering and results review, insurance and patient billing workflows, and administrative controls such as role-based access and audit logging to support consistent clinical operations and HIPAA-compliant handling of electronic protected health information. Psychiatry Practice Workflow Requirements Psychiatry practices manage ongoing medication decisions, symptom tracking across time, and clinical documentation that must remain coherent across frequent follow-up visits. The EMR needs to support medication reconciliation, refill workflows, and clinical decision support that fits outpatient psychiatry cadence without forcing duplicative documentation. Care coordination is common. Referring providers, primary care, therapists, and hospitals may send records that need to be filed, searchable, and available at the point of care. The EMR should support structured capture of diagnosis, medications, and allergies while also supporting narrative clinical...
Why is HIPAA Important for Billing and Coding?
HIPAA is important for billing and coding because these functions depend on the lawful, accurate, and secure handling of protected health information and directly affect patient privacy, data security, and trust in the healthcare system. Billing and coding professionals routinely work with diagnosis codes, procedure codes, insurance identifiers, and patient demographics, all of which are tied to identifiable individuals and fall within the scope of HIPAA protections. Billing and coding teams often have access to a wide range of patient information that combines clinical details with financial data. This creates a higher risk profile because the information can reveal both a person’s medical history and their identity. HIPAA establishes rules that limit how this information can be accessed, used, and disclosed, helping ensure that billing activities support reimbursement and operations without exposing patients to unnecessary privacy risks. HIPAA is also mandatory in billing and coding because of the principle of minimum necessary use. Staff must access only the information required...
Harris Health Notifies Patients About 10-Year Insider Data Breach
Harris Health in Texas has recently started notifying 5,357 patients that their electronic health records may have been impermissibly accessed by a former employee. Concerningly, the unauthorized access had been ongoing for a decade before it was identified. Harris Health operates Ben Taub Hospital and Lyndon B. Johnson Hospital, and a network of 37 clinics, health centers, and specialty locations in and around Houston, Texas. While notification letters are now being mailed to the affected individuals, the unauthorized access was detected on February 10, 2021. An investigation was launched to determine the extent of the employee’s HIPAA violation, with assistance provided by a nationally recognized digital forensics firm. The investigation confirmed unauthorized access to patient records from January 4, 2011, to March 8, 2021. After confirming that patients’ medical records had been accessed without any legitimate work purpose, the employee was terminated, and the Federal Bureau of Investigation (FBI) was notified. Harris Health has been assisting with the investigation,...
Cl0p Mass Exploiting Zero-day Vulnerability in Oracle E-Business Suite
A zero-day vulnerability in Oracle E-Business Suite is under active exploitation by the Cl0p ransomware group. The vulnerability is tracked as CVE-2025-61882 and has a CVSS base score of 9.8 out of 10. The flaw is present in the BI Publisher Integration component of Oracle’s Concurrent Processing product within the Oracle E-Business suite, and can be exploited remotely by an unauthenticated attacker, leading to remote code execution. The vulnerability can be exploited by an unauthenticated attacker with network access via HTTP and will allow Oracle Concurrent Processing to be compromised. Google’s Threat Intelligence Group and Mandiant first warned about attacks exploiting the vulnerability on October 2, 2025, when organizations started reporting that they had received demands for payment from the Cl0p threat group. Oracle published a security advisory about the vulnerability on October 4, 2025, and released a patch to fix the flaw. CrowdStrike believes with moderate confidence that a threat group tracked as Graceful Spider is mass exploiting the vulnerability. Graceful Spider is a...



