Quick Feedback Request
Need Assistance?
Would you like more assistance regarding Health IT and QI Workforce Development strategies or support in using any of the included resource sets?

  Request Support

 

The Quadruple Aim
Quadruple Aim

A Conceptual Framework

Improving the U.S. health care system requires four aims: improving the experience of care, improving the health of populations, reducing per capita costs and improving care team well-being. HITEQ Center resources seek to provide content and direction aligned with the goals of the Quadruple Aim

Learn More

Health IT & QI Workforce Professional Development
42 CFR Part 2 Final Rule and Health Center Compliance
42 CFR Part 2 Final Rule and Health Center Compliance

42 CFR Part 2 Final Rule and Health Center Compliance

This 2017 webinar explored the history and recent changes of 42 CFR Part 2, reviewed common definitions, and how the changes may affect integrated medication-assisted treatment (MAT) and Screening, Brief Intervention, and Referral to Treatment (SBIRT) programs, and discussion on LifeLong Medical Care’s experience.

Behavioral Health Consent Management
Behavioral Health Consent Management

Behavioral Health Consent Management

The timely exchange of health information between behavioral health providers and physical health providers to support care coordination is a critical element of the National Quality Strategy and health reform efforts. However, privacy and confidentiality concerns are currently limiting the inclusion of behavioral health data in electronic health information exchange efforts.

Creating and Managing Strong Passwords at Your Health Center
Creating and Managing Strong Passwords at Your Health Center

Creating and Managing Strong Passwords at Your Health Center

Is it acceptable/recommended for health centers to adopt the new password policy guidelines under NIST Special Publication 800-63B and will that still uphold the HIPAA security rule? This question had been posed to the HITEQ Center asking whether we had any guidance or recommendations on implementing the new NIST Guidelines regarding password security.  New Digital Identity Guidelines under NIST Special Publication 800-63-B presents new guidelines regarding password security that are much more user-friendly and consequently more likely to be observed by health center staff since constantly changing, complex password on multiple systems can be a source of frustration for the end user. 

Emergency Situations: Preparedness, Planning, and Response
Emergency Situations: Preparedness, Planning, and Response

Emergency Situations: Preparedness, Planning, and Response

From the OCR: The Privacy Rule protects individually identifiable health information from unauthorized or impermissible uses and disclosures. The Rule is carefully designed to protect the privacy of health information, while allowing important health care communications to occur. These pages address the release of protected health information for planning or response activities in emergency situations.  In addition, please view the Civil Rights Emergency Preparedness page to learn how nondiscrimination laws apply during an emergency.

Guidance on the HIPAA Privacy, Security, and Breach Notification Audit Program
Guidance on the HIPAA Privacy, Security, and Breach Notification Audit Program

Guidance on the HIPAA Privacy, Security, and Breach Notification Audit Program

The HHS Office for Civil Rights has started its next phase of audits of covered entities and their business associates. The 2016 Phase 2 HIPAA Audit Program will review the policies and procedures adopted and employed by covered entities and their business associates to meet selected standards and implementation specifications of the Privacy, Security, and Breach Notification Rules. 

Health Center Defense Against the Dark Web Presentation
Health Center Defense Against the Dark Web Presentation

Health Center Defense Against the Dark Web Presentation

It is of critical importance to motivate and educate healthcare professionals on current critical privacy and security concepts and methods for defense of health data. Aspects of security awareness training, breach protection, incident response, and related topics all play a role toward organization-wide information protection. Healthcare cybersecurity is the ultimate team sport. The responsibility goes beyond the IT staff and includes front and back office staff, doctors and nurses, patients, executives, and the board of directors. The attached presentation is directed to all levels of the healthcare organization so that they may be proactive and aware.

Health Center Emergency Response Resources
Health Center Emergency Response Resources

Health Center Emergency Response Resources

Ready to take the next step towards enhanced IT preparedness? The resources linked below, organized by topic, share actionable strategies that health centers can implement to move towards greater resilience.
Health Center Information Blocking Avenger
Health Center Information Blocking Avenger

Health Center Information Blocking Avenger

In March 2019, the Office of the National Coordinator for Health Information Technology (ONC) issued a Proposed Rule, 21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program. ONC released a final rule in March 2020, published in the Federal Register on May 1, 2020. The Final Rule on Information Blocking prohibits actors from blocking the exchange of electronic health information and seeks to increase the ease and choices available for patients to access their data

Click Read More below to understand how this impacts health centers.
Health Center Resilience in the Face of Cyber Adversity
Health Center Resilience in the Face of Cyber Adversity

Health Center Resilience in the Face of Cyber Adversity

The use of ransomware — malicious software that restricts access to computer systems with financial demands — has escalated, targeting health centers and putting countless lives at risk. This dire reality came to the forefront during the alarming ransomware attack on the Family Health Center of Worcester, Inc. (FHCW), where the personal health information and care continuity for thousands of patients were compromised. This resource uses FHCW's experience as a case study to demonstrate the imperative of preparedness and the strength of a community-centered response in ensuring the continuity of healthcare services amidst the ever-growing tide of cyber vulnerabilities.

Acknowledgements

This resource collection was compiled by the HITEQ staff with portions contributed by Chris Espersen, HITEQ Advisory Committee member and Independent Contractor and Past President of Midwest Clinicians Network; Shane McBride, Independent Contractor and Past Vice President of Quality and Clinical Systems at South End Community Health Center; Chris Grasso, Associate Director for Informatics & Data Services- The Fenway Institute; and Ed Phippen, Principal - Phippen Consulting, LLC.