Childhood Obesity Preventer

This slide deck provides health centers with information and a presentation template overview of the HIPAA and electronic PHI risks related to texting and messaging that are important for health center leadership and IT managers to understand in making organizational decisions for these types of tools.

A Health Center’s online reputation plays an ever-growing role in client satisfaction, as 6 out of 10 patients use online patient reviews before selecting a physician. This webinar and related handouts recommend three specific steps to managing your reputation online to improve patient engagement.

There are thousands of consumer health applications (health apps), which run on smartphones, watches, tablets, and other mobile devices. These Health Apps are available for download for general consumers, patients, and healthcare professionals. Currently, there is no governmental agency that provides certification or guidance on health apps, although there are several projects from organizations such as HL7, the FDA, ONC, and OCR that are working to provide guidance. User discrepancy in terms of the validity and safety of the health apps they choose to use are primarily based on ratings or recommendations. This guide seeks to provide a health app decision tree that can assist medical professionals and consumers in making wise choices when using health apps.

From the OCR: The Privacy Rule protects individually identifiable health information from unauthorized or impermissible uses and disclosures. The Rule is carefully designed to protect the privacy of health information, while allowing important health care communications to occur. These pages address the release of protected health information for planning or response activities in emergency situations.  In addition, please view the Civil Rights Emergency Preparedness page to learn how nondiscrimination laws apply during an emergency.

From the OCR: Severe disasters – such as Hurricanes Harvey, Irma, and Maria – impose additional challenges on health care providers. Often questions arise about the ability of entities covered by the HIPAA regulations to share information, including with friends and family, public health officials, and emergency personnel. As summarized in more detail below, the HIPAA Privacy Rule allows patient information to be shared to assist in disaster relief efforts, and to assist patients in receiving the care they need. In addition, while the HIPAA Privacy Rule is not suspended during a public health or other emergency, the Secretary of HHS may waive certain provisions of the Privacy Rule under the Project Bioshield Act of 2004 (PL 108-276) and section 1135(b)(7) of the Social Security Act.

The Office for Civil Rights (OCR) has recently announced the release of a new set of FAQs that seeks to address whether business associates of a HIPAA covered entity may block or terminate access by the covered entity to the protected health information maintained by the business associate for or on behalf of the covered entity.

Conducting or reviewing a security risk analysis to meet the standards of Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule is included in the meaningful use requirements of the Medicare and Medicaid EHR Incentive Programs.