On Friday, January 10, 2014, the House of Representatives passed H.R. 3811, the “Health Exchange Security and Transparency Act of 2014” by a vote of 291 to 122. The bill was introduced on January 7, 2014 by Representative Joe Pitts (R-PA), and has a total of 75 cosponsors. Under the bill, the Secretary of Health […]
HITECH
HIPAA, Mental Health and the National Instant Criminal Background Check System Back in the News
Today, the US Department of Health & Human Services (HHS) publishes a proposed rule in the Federal Register by which it seeks to encourage reporting of persons with mental health bars to gun ownership/possession to the National Instant Criminal Background Check System (NICS). It proposes to do so by revising the HIPAA Privacy Rule to […]
CMS Releases Updated HIPAA Security Risk Analysis Tipsheet for EHR Meaningful Use Program
The Centers for Medicare & Medicaid Services (CMS), in conjunction with the HHS Office for Civil Rights (OCR), has recently issued an updated tipsheet on conducting a security risk assessment for health care providers participating in CMS’s Electronic Health Records (EHR) Incentive Programs. To receive incentive payments through the program, providers must demonstrate meaningful use […]
New HHS OIG Report Raises Concerns about Oversight and Enforcement of HIPAA Security Rule
On Wednesday, December 4, 2013, the HHS Office of Inspector General (OIG) issued a report raising concerns about the adequacy of the HHS Office for Civil Rights’ (OCR) oversight and enforcement of HIPAA’s Security Rule. The Security Rule establishes the administrative, physical, and technical safeguards that covered entities and their business associates are required to implement […]
HHS/OCR Posts HIPAA Privacy, Security and Breach Notification Audit Protocol
In our November 30, 2011 and March 7, 2012 posts, we discussed the HHS Office for Civil Rights (OCR) audit pilot program, which began in November 2011 and is expected to conclude in December 2012. The audit program has been developed pursuant to the requirements of the HITECH Act. Under the audit pilot program, OCR conducted an […]