Federal officials should consider a major revamp of a proposal that would require healthcare organizations to provide patients with a report listing everyone who has electronically accessed their records, a former government official who helped draft the proposal says.
The Health IT Policy Committee has endorsed best practices for giving patients clear and simple guidance regarding how to safeguard electronic health records when viewing or downloading them, such as through a hospital's or clinic's portal.
When preparing for a potential HIPAA compliance audit, former HIPAA enforcer Adam Greene advises healthcare organizations: "Don't panic. I'm skeptical if it's possible for an organization to be 'audit-proof.' If you try to scramble and get everything in order, you may fail."
The soon-to-be-launched HIPAA compliance audit program likely will initially offer comprehensive assessments of compliance with the HIPAA privacy and security rules, rather than focusing on specific narrower issues, says Susan McAndrew of the HHS Office for Civil Rights.
Federal authorities have received more than 400 comments on a proposed Accounting of Disclosures Rule, including many complaints that its patient record access report provision is impractical.
"The lack of individual accountability over user accounts provides ample opportunities to conceal malicious activity such as theft or misuse of veteran data," VA Assistant Inspector General Belinda Finn says.
Developing good relationships with business associates is an essential component of an information security strategy. It also helps to ensure compliance with HIPAA and the HITECH Act and to avoid breaches. Join us for this webinar, where a leading health information security expert will address such issues...
Dan Rode of the American Health Information Management Association describes why the group wants to see major revisions in a proposed federal rule requiring hospitals, clinics and others to give patients access reports listing everyone who's viewed their records.
BlueCross BlueShield of Tennessee, which experienced a health information breach affecting nearly 1 million individuals in 2009, has completed the encryption of all its stored data.
Two electronic health records pioneers that already have earned federal EHR incentive payments stress that a robust risk management program should be an essential component of any movement from paper to electronic records.
Associations representing clinic administrators, healthcare CIOs and health information managers are asking federal regulators to go back to the drawing board on the access report provision of a proposed Accounting of Disclosures rule.
There was good news and bad news in the reporting of major health information breaches in the past month. The good news: Only four incidents were added to the official federal tally. The bad news: One of those incidents affected 400,000 individuals.
The Privacy and Security Tiger Team is spelling out best practices for giving patients clear and simple guidance regarding how to safeguard electronic health records when downloading them from a hospital or a clinic.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.