HITEQ Resources & Events

A Guide to Essential Cybersecurity Tasks for Health Centers

In an increasingly connected healthcare landscape, health centers face a dual challenge: the rising tide of cyber threats and the need to comply with stringent data protection regulations, all while managing limited resources. The ever-evolving nature of cyberattacks and the complexity of compliance requirements make it essential for health centers to prioritize cybersecurity tasks effectively.
Many Health Center leaders, IT Managers, and Compliance Directors are trying to ensure that they are properly addressing the ongoing tasks related to compliance and security. This guide provides the baseline of day-to-day tasks that health center IT and Compliance staff should consider to protect their systems and comply with regulatory requirements.

Navigating Compliance Challenges with the Information Blocking Rule

Since the 21 Century Cures Act Information Blocking Rule went into effect in 2021, electronic health information (EHI) has become more available than ever as it is posted to portals, sent through health information exchanges, and available via health-related apps upon request by patients. As the availability of EHI has increased, so too have concerns about the privacy of EHI. Like other actors, health centers are faced with new compliance challenges, including how to best protect sensitive EHI, how to respond to patient requests to restrict access to their EHI, and how to respond when patients request changes to their EHI. Health centers must navigate complex and, at times, conflicting federal and state laws and regulations. This webinar focused on how to navigate these challenges while complying with the Information Blocking Rule.

405(d) Spotlight Webinar! The Healthcare Cybersecurity Benchmarking Study

In this installment of the 405(d) Spotlight Webinar, 405(d) Task Group Member Ed Gaudet and Insights Manager, Ruirui Sun will present high level findings from The Healthcare Cybersecurity Benchmarking Study. This landmark initiative establishes collaborative, robust, and actionable cybersecurity benchmarks for the healthcare industry, and, for the first time, combines benchmarks across key organizational metrics, NIST Cybersecurity Framework (NIST CSF), and the HHS 405(d) Health Industry Cybersecurity Practices (HICP). Join this session to see what’s happening in healthcare cybersecurity today and to find out which best practices are needed to fight these growing threats.

Patient Portals & Right of Access: Compliance with the Information Blocking rule and HIPAA

There are many questions about patient portals and the related requirements under the Information Blocking Rule. In this session, our expert speaker will review the impact of the Information Blocking Rule on implementation and use of the patient portal.

Over the last few years, the Office of Civil Rights has focused much of its enforcement efforts on ensuring patients are afforded their HIPAA right to access their protected health information (PHI). The Privacy Rule generally requires HIPAA covered entities to provide individuals, upon request, with access to the PHI (including electronic PHI) about them in one or more “designated record sets” maintained by or for the covered entity. This includes the right to inspect or obtain a copy, or both, of the PHI. It also includes an individual’s right to direct the covered entity to transmit a copy of their PHI to a designated person or entity of the individual’s choice.

HITEQ Highlights: Reducing Digital Inequities in Healthcare - A Digital Equity eXperts Program at Hennepin Healthcare

Increasingly conversations about telehealth describe the need for tailored approaches to digital navigation and literacy to ensure equitable access for all patients. During this session, we will discuss the experience of a large safety net system’s experience of developing a digital navigation program and the resulting impacts on patient healthcare access and connection to community programs.