When the HITECH Act was enacted early in 2009, much was made of its provisions calling for tougher enforcement of the HIPAA privacy and security rules. But we're still waiting for ramped-up enforcement to begin.
The Office of the Inspector General will scrutinize the privacy and security policies of the Department of Health and Human Services, as well as the details of the HITECH Act electronic health record incentive program.
As 2010 draws to a close, federal regulators have a long list of unfinished business in drafting regulations and launching programs to protect patient privacy and bolster information security, as mandated under the HITECH Act.
The most important healthcare information security trend for the year ahead is the rush to implement electronic health records while taking advantage of all their security features, says Dixie Baker, a well-known security expert who's advising federal regulators on policy issues.
The innocent use for three years of a Yahoo calendar application exposed personally identifiable information of 878 patients at the Department of Veterans Affairs' Chicago Healthcare Systems, a violation of VA policy.