Late last week, the HHS Office for Civil Rights (OCR) and Office of the National Coordinator for Health Information Technology (ONC) released a security risk assessment (SRA) tool designed to help health care providers conduct risk assessments as required by the HIPAA Security Rule. Under the Security Rule, health care providers must perform risk assessments […]
Health Privacy
HIPAA Audit Program Returning?
We previously blogged about the Office for Civil Rights’ (OCR) HIPAA Privacy, Security and Breach Audit Program (HIPAA Audit Program) on November 30, 2011, March 7, 2012, and June 26, 2012. On Monday, OCR published a notice in the Federal Register in which it essentially announces the return of its HIPAA Audit Program. In the notice, […]
OCR Issues New Guidance on the HIPAA Privacy Rule and Sharing of Mental Health Information
Late last week, the HHS Office for Civil Rights (OCR) published guidance designed to help health care providers understand when, consistent with the HIPAA Privacy Rule, they may share information related to a patient’s mental health with others. As we have previously written, HHS seeks to balance a patient’s privacy rights in mental health records […]
New CMS and OCR Rule Provides Patients with Access to Laboratory Test Results
Today, the Centers for Medicare & Medicaid Services (CMS), the HHS Office for Civil Rights (OCR) and the Centers for Disease Control and Prevention (CDC) published a final rule in the Federal Register, amending the Clinical Laboratory Improvement Amendments of 1988 (CLIA) regulations and the HIPAA Privacy Rule to provide patients with greater access to their lab […]
HIPAA, Mental Health and the National Instant Criminal Background Check System Back in the News
Today, the US Department of Health & Human Services (HHS) publishes a proposed rule in the Federal Register by which it seeks to encourage reporting of persons with mental health bars to gun ownership/possession to the National Instant Criminal Background Check System (NICS). It proposes to do so by revising the HIPAA Privacy Rule to […]