Quick Feedback Request
Highlighted Resources & Events
Need Assistance?
Would you like more assistance regarding Privacy and Security strategies or support in using any of the included resource sets?

  Request Support

 

Upcoming Events
The Quadruple Aim
Quadruple Aim

A Conceptual Framework

Improving the U.S. health care system requires four aims: improving the experience of care, improving the health of populations, reducing per capita costs and improving care team well-being. HITEQ Center resources seek to provide content and direction aligned with the goals of the Quadruple Aim

Learn More

Resource Overview

The Office for Civil Right's new HIPAA random audit program is in effect and significantly increases enforcement procedures following breaches, Health Centers need to ensure that their organization is fully complying with HIPAA regulations while at the same time providing systems that meet modern health information sharing and communication requirements that allow for increaseed continuity of care.  

Health Centers will need the right privacy protections for health information, and the necessary documented policies and procedures per HIPAA regulations, as well as documentation of actions taken per the policies of their organization. The resources in this section provide best practices, strategies and templates for better understanding nuances of HIPAA regulations and how they pertain to a Health Center's specific setting.

HIPAA Resources

Mitigating Office for Civil Rights Auditing Risks
HITEQ Center
/ Categories: Privacy and Security, HIPAA

Mitigating Office for Civil Rights Auditing Risks

Guidance from the Office for Civil Rights

The Office for Civil Rights (OCR) has recently announced the release of a new set of FAQs that seeks to address whether business associates of a HIPAA covered entity may block or terminate access by the covered entity to the protected health information maintained by the business associate for or on behalf of the covered entity.

The OCR guidance seeks to clarify that business associates may not use PHI in any manner that may result in a violation of the HIPAA Rules.

Previous Article Security Risk Analysis Tip Sheet
Next Article Guidance on the HIPAA Privacy, Security, and Breach Notification Audit Program
Print
21550
Tags: ePHIPHIHIPAAOCRBusiness AssociatesOffice of Civil RightsProtected Health Information

Resource Links

  • A link to the FAQ on the OCR websiteMay a business associate of a HIPAA covered entity block or terminate access by the covered entity to the protected health information (PHI) maintained by the business associate for or on behalf of the covered entity?

Related Resources

Leave a comment

Add comment

Acknowledgements

This resource collection was cultivated and developed by the HITEQ team with valuable suggestions and contributions from HITEQ Project collaborators.

Looking for something different or have something you think could assist?

HITEQ works to provide top quality resources, but know your needs can be specific. If you are just not finding the right resource or have a highly explicit need then please use the Request a Resource button below so that we can try to better understand your requirements.

If on the other hand you know of a great resource already or have one that you have developed then please get in touch with us by clicking on the Share a Resource button below. We are always on the hunt for tools that can better server Health Centers.

Request a Resource  Share a Resource