Tag Archives: HITECH Act

Healthcare Organizations are Suffering from Serious Data Security Ills

By Judy Selby on Posted in HIPAA/HITECH, Medical Privacy
The diagnosis is in, and its not good. Unless an aggressive treatment plan is put in place, the prognosis will be just as bleak. On December 6, 2012, the Ponemon Institute issued its Third Annual Benchmark Study on Patient Privacy & Data Security. The key findings were that a shocking 94 percent of healthcare organizations in the … Continue Reading

Update: Final HITECH Act Regulations Amending HIPAA Privacy And Security Will Be Published In 2012

Photo of John MulhollanBy John Mulhollan on Posted in HIPAA/HITECH, Medical Privacy
During 2011, informal indications were given by the HHS Office of Civil Rights (OCR) and various industry experts that the final HITECH Act regulations amending the HIPAA privacy and security regulations would be published by the end of 2011. However, as of January 6, 2012, the regulations continue to be delayed, due to the numerous … Continue Reading

OCR HIPAA Audit and Site Visit Pilot Program Implemented

Photo of Lynn SessionsBy Lynn Sessions on Posted in HIPAA/HITECH, Medical Privacy
In an effort to comply with Section 13411 of the HITECH Act, the Office for Civil Rights (“OCR”) recently announced the implementation of a pilot program to audit covered entities and business associates to ensure they are complying with the HIPAA Privacy and Security Rules and Breach Notification standards. OCR anticipates performing up to 150 … Continue Reading

Proposed Rule Would Change HIPAA Accounting of Disclosures – Covered Entities Will Continue to Face Significant Technical Challenges

Photo of John MulhollanBy John Mulhollan on Posted in HIPAA/HITECH, Medical Privacy
On May 31, 2011, the U.S. Department of Health and Human Services (HHS) published a proposed rule adopting sweeping changes to the “accounting of disclosures” requirement under 45 C.F.R. § 164.528 that likely are to have a significant impact on the health information technology (HIT) systems being implemented by many healthcare providers, health plans (including … Continue Reading

HHS Withdraws Draft Of Final HIPAA Breach Nofitifcation Rule

Photo of John MulhollanBy John Mulhollan on Posted in Federal Legislation, HIPAA/HITECH, Medical Privacy
On July 28, 2010, the Office of Civil Rights (OCR) of the Department of Health and Human Services (HHS) announced that it withdrew the draft of the final rule for HIPAA breach notification that it had submitted in May to the Office of Management and Budget (OMB) for review. The possible reasons for such withdrawal will be discussed below, but covered entities should note that the obligation to report breaches of unsecured protected health information (PHI), which took effect on September 23, 2009, following the publication of an Interim Final Rule promulgated under the Health Information Technology for Economic and Clinical Health Act (HITECH Act), remains in effect. All covered entities, and their business associates, should have in place and/or adhere to an effective Breach Notification Policy containing appropriate procedures to investigate, report and mitigate breaches of privacy or security of PHI.… Continue Reading
LexBlog