A representative of the U.S. Department of Health and Human Services’s Office for Civil Rights (OCR) has recently revealed that OCR has delayed the start of phase 2 of its HIPAA Audit Program – and has revised its plans for phase 2. Previous Plans for Phase 2 Earlier this year, OCR had announced that phase […]
Health Information Security
HHS OIG Releases Report Regarding ONC’s Oversight of Testing and Certification of Electronic Health Records
The HHS Office of Inspector General (OIG) recently issued a report regarding the Office of the National Coordinator for Health Information Technology’s (ONC) oversight of electronic health record (EHR) testing and certification, “The Office of the National Coordinator for Health Information Technology’s Oversight of the Testing and Certification of Electronic Health Records.” ONC was statutorily […]
Angela Burnette and Julia Dempewolf Publish Article On Student Privacy and Preventing Campus Violence
Angela Burnette, Counsel at Alston & Bird, and Julia Dempewolf, an associate at Alston & Bird, have compiled practical guidance for schools and universities to consider regarding student privacy and the prevention of school violence. Their recent article, published by LexisNexis in Health Care Law Monthly, is entitled “Clarity Instead of Confusion: Available Solutions Under […]
Transmitting PHI by Email
Email has become an important mode of communication for business operations, with approximately 100 billion business emails sent in 2013 alone. Included in these messages are patients’ personal and health information, such as test results, diagnoses, and social security numbers. The Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996 […]
OCR and ONC Release New Security Risk Assessment Tool
Late last week, the HHS Office for Civil Rights (OCR) and Office of the National Coordinator for Health Information Technology (ONC) released a security risk assessment (SRA) tool designed to help health care providers conduct risk assessments as required by the HIPAA Security Rule. Under the Security Rule, health care providers must perform risk assessments […]