42 CFR Part 2 Final Rule and Health Center Compliance
42 CFR Part 2 Final Rule and Health Center Compliance
This 2017 webinar explored the history and recent changes of 42 CFR Part 2, reviewed common definitions, and how the changes may affect integrated medication-assisted treatment (MAT) and Screening, Brief Intervention, and Referral to Treatment (SBIRT) programs, and discussion on LifeLong Medical Care’s experience.
Behavioral Health Consent Management
Behavioral Health Consent Management
The timely exchange of health information between behavioral health providers and physical health providers to support care coordination is a critical element of the National Quality Strategy and health reform efforts. However, privacy and confidentiality concerns are currently limiting the inclusion of behavioral health data in electronic health information exchange efforts.
Creating and Managing Strong Passwords at Your Health Center
Creating and Managing Strong Passwords at Your Health Center
Is it acceptable/recommended for health centers to adopt the new password policy guidelines under NIST Special Publication 800-63B and will that still uphold the HIPAA security rule? This question had been posed to the HITEQ Center asking whether we had any guidance or recommendations on implementing the new NIST Guidelines regarding password security. New Digital Identity Guidelines under NIST Special Publication 800-63-B presents new guidelines regarding password security that are much more user-friendly and consequently more likely to be observed by health center staff since constantly changing, complex password on multiple systems can be a source of frustration for the end user.
Emergency Situations: Preparedness, Planning, and Response
Emergency Situations: Preparedness, Planning, and Response
From the OCR: The Privacy Rule protects individually identifiable health information from unauthorized or impermissible uses and disclosures. The Rule is carefully designed to protect the privacy of health information, while allowing important health care communications to occur. These pages address the release of protected health information for planning or response activities in emergency situations. In addition, please view the Civil Rights Emergency Preparedness page to learn how nondiscrimination laws apply during an emergency.
Guidance on the HIPAA Privacy, Security, and Breach Notification Audit Program
Guidance on the HIPAA Privacy, Security, and Breach Notification Audit Program
The HHS Office for Civil Rights has started its next phase of audits of covered entities and their business associates. The 2016 Phase 2 HIPAA Audit Program will review the policies and procedures adopted and employed by covered entities and their business associates to meet selected standards and implementation specifications of the Privacy, Security, and Breach Notification Rules.
Health Center Defense Against the Dark Web Presentation
Health Center Defense Against the Dark Web Presentation
It is of critical importance to motivate and educate healthcare professionals on current critical privacy and security concepts and methods for defense of health data. Aspects of security awareness training, breach protection, incident response, and related topics all play a role toward organization-wide information protection. Healthcare cybersecurity is the ultimate team sport. The responsibility goes beyond the IT staff and includes front and back office staff, doctors and nurses, patients, executives, and the board of directors. The attached presentation is directed to all levels of the healthcare organization so that they may be proactive and aware.
Health Center Emergency Response Resources
Health Center Emergency Response Resources
Ready to take the next step towards enhanced IT preparedness? The resources linked below, organized by topic, share actionable strategies that health centers can implement to move towards greater resilience.
Health Center Guidelines for Implementing FHIR and the Information Blocking Rule
Health Center Guidelines for Implementing FHIR and the Information Blocking Rule
This resource provides guidance to health centers for implementing FHIR in compliance with the Information Blocking Rule.
Health Center Information Blocking Avenger
Health Center Information Blocking Avenger
In March 2019, the Office of the National Coordinator for Health Information Technology (ONC) issued a Proposed Rule, 21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program. ONC released a final rule in March 2020, published in the Federal Register on May 1, 2020. The Final Rule on Information Blocking prohibits actors from blocking the exchange of electronic health information and seeks to increase the ease and choices available for patients to access their data.
Click Read More below to understand how this impacts health centers.
Health Center Resilience in the Face of Cyber Adversity
Health Center Resilience in the Face of Cyber Adversity
The use of ransomware — malicious software that restricts access to computer systems with financial demands — has escalated, targeting health centers and putting countless lives at risk. This dire reality came to the forefront during the alarming ransomware attack on the Family Health Center of Worcester, Inc. (FHCW), where the personal health information and care continuity for thousands of patients were compromised. This resource uses FHCW's experience as a case study to demonstrate the imperative of preparedness and the strength of a community-centered response in ensuring the continuity of healthcare services amidst the ever-growing tide of cyber vulnerabilities.