42 CFR Part 2 Final Rule and Health Center Compliance 42 CFR Part 2 Final Rule and Health Center Compliance HITEQ Center 6/21/2017 3:00 PM - 4:00 PM 0 45020 A HITEQ Webinar in collaboration with the California Primary Care Association (CPCA) This 2017 webinar explored the history and recent changes of 42 CFR Part 2, reviewed common definitions, and how the changes may affect integrated medication-assisted treatment (MAT) and Screening, Brief Intervention, and Referral to Treatment (SBIRT) programs, and discussion on LifeLong Medical Care’s experience. Read more
Behavioral Health Consent Management Behavioral Health Consent Management HITEQ Center Sunday, February 16, 2020 0 19842 From the Office of the National Coordinator The timely exchange of health information between behavioral health providers and physical health providers to support care coordination is a critical element of the National Quality Strategy and health reform efforts. However, privacy and confidentiality concerns are currently limiting the inclusion of behavioral health data in electronic health information exchange efforts. Read more
Creating and Managing Strong Passwords at Your Health Center Creating and Managing Strong Passwords at Your Health Center HITEQ Center Friday, April 6, 2018 0 44105 Guidance in relation to updated NIST security requirements and HIPAA Is it acceptable/recommended for health centers to adopt the new password policy guidelines under NIST Special Publication 800-63B and will that still uphold the HIPAA security rule? This question had been posed to the HITEQ Center asking whether we had any guidance or recommendations on implementing the new NIST Guidelines regarding password security. New Digital Identity Guidelines under NIST Special Publication 800-63-B presents new guidelines... Read more
Emergency Situations: Preparedness, Planning, and Response Emergency Situations: Preparedness, Planning, and Response Office for Civil Rights Tuesday, September 26, 2017 0 35306 Guidance from the Office for Civil Rights From the OCR: The Privacy Rule protects individually identifiable health information from unauthorized or impermissible uses and disclosures. The Rule is carefully designed to protect the privacy of health information, while allowing important health care communications to occur. These pages address the release of protected health information for planning or response activities in emergency situations. In addition, please view the Civil Rights Emergency Preparedness page... Read more
Guidance on the HIPAA Privacy, Security, and Breach Notification Audit Program Guidance on the HIPAA Privacy, Security, and Breach Notification Audit Program HHS Office for Civil Rights Monday, October 31, 2016 0 23892 Overview and details for 2016 provided by the Office for Civil Rights The HHS Office for Civil Rights has started its next phase of audits of covered entities and their business associates. The 2016 Phase 2 HIPAA Audit Program will review the policies and procedures adopted and employed by covered entities and their business associates to meet selected standards and implementation specifications of the Privacy, Security, and Breach Notification Rules. Read more
Health Center Defense Against the Dark Web Presentation Health Center Defense Against the Dark Web Presentation HITEQ Center Monday, October 28, 2019 0 28469 Strategies for Building Security Awareness, Education and Compliance It is of critical importance to motivate and educate healthcare professionals on current critical privacy and security concepts and methods for defense of health data. Aspects of security awareness training, breach protection, incident response, and related topics all play a role toward organization-wide information protection. Healthcare cybersecurity is the ultimate team sport. The responsibility goes beyond the IT staff and includes front and back office staff, doctors and... Read more
Health Center Guidelines for Implementing FHIR and the Information Blocking Rule Health Center Guidelines for Implementing FHIR and the Information Blocking Rule Molly Rafferty Wednesday, September 6, 2023 0 3823 HITEQ Center, September 2023 This resource provides guidance to health centers for implementing FHIR in compliance with the Information Blocking Rule. Read more
Health Center Information Blocking Avenger Health Center Information Blocking Avenger HITEQ Center Tuesday, April 13, 2021 0 22088 A HITEQ Center Training Badge In March 2019, the Office of the National Coordinator for Health Information Technology (ONC) issued a Proposed Rule, 21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program. ONC released a final rule in March 2020, published in the Federal Register on May 1, 2020. The Final Rule on Information Blocking prohibits actors from blocking the exchange of electronic health information and seeks to increase the ease and choices available... Read more
Health Center Resilience in the Face of Cyber Adversity Health Center Resilience in the Face of Cyber Adversity Molly Rafferty Wednesday, February 21, 2024 0 1210 A Case Study of the Family Health Center of Worcester’s Ransomware Incident, February 2024 The use of ransomware — malicious software that restricts access to computer systems with financial demands — has escalated, targeting health centers and putting countless lives at risk. This dire reality came to the forefront during the alarming ransomware attack on the Family Health Center of Worcester, Inc. (FHCW), where the personal health information and care continuity for thousands of patients were compromised. This resource uses FHCW's experience as a case study to demonstrate the... Read more
Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients HITEQ Center Friday, May 10, 2019 0 28800 A publication of the Cybersecurity Act of 2015, Section 405(d) Task Group The HIPAA Security Rule establishes the requirements for protection of electronic patient health information. The safeguards identified are made up of three domains that include administrative, physical, and technical safeguards that need to be addressed. The technical safeguards as defined within 45 CFR §164.312 of the HIPAA Security Rule can be some of the most difficult to comprehend and implement for smaller Health Centers with lower levels of IT and security staffing. Resources and... Read more
FHIR: Fast Healthcare Interoperability Resources FHIR: Fast Healthcare Interoperability Resources FHIR: Fast Healthcare Interoperability Resources
Using Health IT and EHRs to Address the Burden Providers Experience Using Health IT and EHRs to Address the Burden Providers Experience Using Health IT and EHRs to Address the Burden Providers Experience