Issue Brief for implementing commercial applications for telehealth consistent with March 2020 OCR Guidance
HHS Office of Civil Rights (OCR), the entity responsible for enforcing regulations under HIPAA, stated, effective immediately, it will exercise enforcement discretion and will not impose penalties for HIPAA violations against covered healthcare providers if patients are served on a good faith basis during the COVID-19 nationwide public health emergency. Find out what this means in implementation by accessing this issue brief.
A publication of the Cybersecurity Act of 2015, Section 405(d) Task Group
The HIPAA Security Rule establishes the requirements for protection of electronic patient health information. The safeguards identified are made up of three domains that include administrative, physical, and technical safeguards that need to be addressed. The technical safeguards as defined within 45 CFR §164.312 of the HIPAA Security Rule can be some of the most difficult to comprehend and implement for smaller Health Centers with lower levels of IT and security staffing. Resources and tools that help Health Centers better process and implement these security requirements are much needed and require well-documented methods for planning and maintaining critical security controls.
A HITEQ Privacy & Security Resource - October 2018 updates for the ONC SRA tool
Anonym
39642
To successfully attest, providers must conduct a security risk assessment (SRA), implement updates as needed, and correctly identify security deficiencies. By conducting an SRA regularly, providers can identify and document potential threats and vulnerabilities related to data security, and develop a plan of action to mitigate them.
Frequently Asked Questions (FAQs) and Fact Sheets regarding the Substance Abuse Confidentiality Regulations
Anonym
42595
Frequently Asked Questions (FAQs) and Fact Sheets regarding the Substance Abuse Confidentiality Regulations.
Two fact sheets include:
FAQs about Applying the Substance Abuse Confidentiality Regulations, answers provided by Substance Abuse and Mental Health Services Administration (SAMHSA)
Guidance from the Office for Civil Rights
From the OCR: The Privacy Rule protects individually identifiable health information from unauthorized or impermissible uses and disclosures. The Rule is carefully designed to protect the privacy of health information, while allowing important health care communications to occur. These pages address the release of protected health information for planning or response activities in emergency situations. In addition, please view the Civil Rights Emergency Preparedness page to learn how nondiscrimination laws apply during an emergency.