TRENDING:

Fed Panel: Don't Touch Privacy Regs

Recommends relaxing other EHR "meaningful use" criteria Howard Anderson (ismg_editor) • February 17, 2010    
Fed Panel: Don't Touch Privacy Regs
A federal advisory committee has recommended keeping the information privacy and security requirements untouched in pending criteria for demonstrating meaningful use of electronic health records to receive Medicare and Medicaid incentive payments.

The HIT Policy Committee, however, recommended allowing hospitals and physicians to defer compliance with certain other meaningful use criteria, making it easier to qualify for Stage 1 funding, starting in 2011. The deferred criteria would have to be met in Stage 2 instead.

Ultimately, officials at the U.S. Department of Health and Human Services will decide whether to accept the recommendations. Federal officials are receiving public comments on the proposed meaningful use rule and are expected to issue a final rule, which could include extensive changes, in the months ahead.

Security provisions

The proposed rule spelling out meaningful use criteria, which was unveiled at the end of last year, only briefly addresses data security.

It says the meaningful use requirements are designed to ensure that organizations implementing EHRs use the data protection functions within the software as well as "processes and possibly tools outside the scope of the certified EHR technology."

The proposed rule states that to qualify for Stage 1 of the incentive payments, healthcare providers must "conduct or review a security risk analysis of certified EHR technology and implement updates as necessary." For a comprehensive story on the proposed rule, click here.

For more information on the committee, visit healthit.hhs.gov.

Previous
Feds Name Healthcare Chief Privacy Officer
Next
Botnet Strikes 2,500 Organizations Worldwide

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.



Around the Network

David Derigiotis on the Complex World of Cyber Insurance
David Derigiotis on the Complex World of Cyber Insurance
Whistleblowing Brings Visibility to the Role of CISOs
Whistleblowing Brings Visibility to the Role of CISOs
Craig Box of ARMO on Kubernetes and Complexity
Craig Box of ARMO on Kubernetes and Complexity
Organization-Wide Passwordless Orchestration
Organization-Wide Passwordless Orchestration
Showing Evidence of 'Recognized Security Practices'
Showing Evidence of 'Recognized Security Practices'
The Persisting Risks Posed by Legacy Medical Devices
The Persisting Risks Posed by Legacy Medical Devices
Protecting the Hidden Layer in Neural Networks
Protecting the Hidden Layer in Neural Networks
How 2U Inc. Is Fortifying Its Systems and Solutions Designs
How 2U Inc. Is Fortifying Its Systems and Solutions Designs
Are We Doomed? Not If We Focus on Cyber Resilience
Are We Doomed? Not If We Focus on Cyber Resilience
Aité-Novarica's Cybersecurity Impact Award
Aité-Novarica's Cybersecurity Impact Award

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.