Health IT, HIPAA, and the CMS Incentive Programs Blog
For physicians, hospitals, government agencies, and business associates
Ohio DODD Initiates HIPAA Review of DD Boards
Information on the HIPAA compliance review of Ohio county Developmental Disability Boards by the Ohio DODD, including the security assessment method.
Not Familiar with 42 CFR Part 2? Perhaps You Should Be.
42 CFR Part 2 is a federal law aimed at protecting the confidentiality of substance abuse patient records. It is more restrictive than HIPAA in numerous ways, so you have to be careful with these records should you receive them. Under 42 CFR Part 2, the restrictions...
CMS Releases MIPS 2019 Proposed Rule: Top 3 Items to Be Aware Of
As we are moving through through year 2 of the MIPS program, it is imperative that eligible clinicians simultaneously prepare for the next few years and the prospective changes to come. With the release of the proposed rule for 2019, participants can get a sense of...
MIPS Cost Category: What Can You Do About It? Pt. 1
There are four categories to the 2018 MIPS program: quality, promoting interoperability (formerly advancing care information), improvement activities, and the cost category. Though seemingly new to the program for 2018, the cost performance category was being tracked...
MIPS Final Scores Not What You Were Expecting?
Eligible clinicians and groups that participated in MIPS performance year 2017 can now view their final scores as well as review the calculation of their 2019 payment adjustment. Per the MIPS regulation, the final scores received for performance year 2017 will dictate...
New Guidance from OCR: Patching Software is Not Optional!
The Department of Health and Human Services Office of Civil Rights (OCR) published its Guidance titled "Guidance on Software Vulnerabilities and Patching", in its June 2018 newsletter. In this Guidance, OCR stated that "identifying and mitigating the risks unpatched...
Who are the Threats to Public Health Information?
A key component of any risk analysis and risk management program is understanding who the threats to your organization’s PHI data are.
Model Business Associate Agreements (BAAs) for Business Associates
Entities who are Business Associates need a model BAA to use with their customers, and may also have subcontractors for which a BAA is also needed. Should you use the same agreement? Probably not! Eagle recently updated the model BAA included in our various HIPAA...
