Health IT, HIPAA, and the CMS Incentive Programs Blog
For physicians, hospitals, government agencies, and business associatesHIPAA “Business Associate” Definition Updated – a note for the County Board of Developmental Disabilities
The HIPAA Omnibus Rule – with a compliance deadline of September 23, 2013 – updated the definition of the term "Business Associate". The definition includes a laundry list of business functions and services that cause a vendor to be a HIPAA Business Associate. The...
Eagle Consulting Releases Redlined HIPAA Regulations showing Omnibus Rule Changes
Eagle Consulting has released a redlined version of the HIPAA Privacy, Security and Breach regulations highlighting the changes introduced by the Omnibus Rule, which was officially published January 25, 2013. The redlined version allows covered entities, business...
Long Delayed HIPAA Omnibus Rule released
After years of waiting, the Federal Department of Health and Human Services released last week what has come to be called the HIPAA Omnibus Rule. "The new rule will help protect patient privacy and safeguard patients' health information in an ever expanding digital...
OCR Unveils Guidance regarding De-identification under HIPAA
The Office of Civil Rights yesterday published detailed guidance regarding the provisions in the HIPAA Privacy regulations that deal with de-identification of protected health information (PHI). The general idea of this provision is that healthcare data sets may be...
Risk Analysis – Hurricane Sandy, the Cloud, and System Downtime
With the meaningful use incentives, hospitals and physician practices are conducting their HIPAA Security Risk Analysis per 45 CFR 164.308(a)(1). The risk analysis focuses on the confidentiality, integrity and availability of health information. The last of these...
Determining Probabilities in the Risk Analysis
The HITECH Act, in particular the meaningful use incentive program for physicians and hospitals, has placed the computer security risk analysis in the spotlight. Meaningful use requires a risk analysis, also called a risk assessment, as per the HIPAA Security rules in...
Meaningful Use Audits Underway
CMS has announced that providers – hospitals and physicians – who received meaningful use incentive payments are now being audited. CMS has outsourced this function to the New York audit contractor Figliozzi & Company. Providers who fail to produce documentation...
Alaska Medicaid pays $1.7M in first HIPAA Enforcement Action against public agency
Yesterday, the Alaska Department of Health and Social Services (DHSS), the state Medicaid agency, agreed to pay the U.S. Department of Health and Human Services (HHS) $1,700,000 to settle possible violations of the HIPAA Security rule. DHSS further agreed to a...
