Health IT, HIPAA, and the CMS Incentive Programs Blog
For physicians, hospitals, government agencies, and business associatesRandom HIPAA Compliance Audits Begin
The random HIPAA compliance audits mandated under the HITECH Act will begin this month. Yesterday, the HHS Office of Civil Rights (OCR) announced that every covered entity and business associate is eligible for an audit. To guide future audit efforts, a wide range of...
New Texas Medical Privacy Regulations More Stringent than HIPAA
Texas Governor Perry recently signed House Bill 300 -- which further strengthens Texas medical privacy laws, which were already more stringent than HIPAA. To begin, HIPAA currently covers only providers, insurers, and clearinghouses -- while Texas law covers...
OCR Details HIPAA Audit plans for 2011-2012
On August 11, 2011, the HHS Office of Civil Rights, the agency responsible for enforcement of the HIPAA regulations, delivered its first annual report on HIPAA Compliance and Enforcement to Congress. OCR shed a little light on the subject of random compliance audits...
OIG Criticizes CMS for Poor HIPAA Security Enforcement
In May 2011 The HHS Office of the Inspector General (OIG) published their findings regarding CMS's oversight and enforcement of the HIPAA Security Rule. The findings state that the oversight and enforcement actions "were not sufficient" to insure that covered entities...
At its Beijing facility, Microsoft Hurries Fix to Windows
Reporting from Beijing, China. Microsoft is hurrying to fix a significant problem with windows at its Beijing facility. Recently, Microsoft constructed a new, dual-tower facility in the Haidian district of Beijing to consolidate its 3000 software engineers here in...
Updating Your Risk Analysis for 2011
Hospitals, physician practices, government agencies, business associates and others who must comply with the HIPAA Security regulations should dust off the previous HIPAA Security Risk Analysis and update it for 2011. Hospitals and Physician practices qualifying for...
Achieving Meaningful Use Stage 1 for Privacy and Security
(Editor's Notes: 5/23/2018: Over the last 7 years, this program has morphed annually, although this post remains relevant. The Meaningful Use program is now called "Promoting Interoperability". 10/1/2016: The scope of the Security Risk Analysis for Meaningful Use...
OCR To Train State AGs on HIPAA Enforcement
Fresh news from the National HIPAA Summit, held March 9-11 in Washington DC, is that the HHS Office of Civil Rights has scheduled "HIPAA Enforcement Training" for State Attorneys General. Susan McAndrew, OCR's Deputy Director for Health Information Privacy spoke at...
