A final rule establishing the temporary certification program for electronic health record (“EHR”) technology was released today by the Office of the National Coordinator for Health Information Technology (“ONC”). As explained by the HHS press release and in a previous HLP blog about the proposed rule, the HITECH Act of…
Articles Posted in HIPAA
RED FLAGS RULE AND IDENTITY THEFT- ENFORCEMENT DELAYED YET AGAIN
In a not surprising turn of events, days before the June 1st deadline, the Federal Trade Commission (“FTC”) announced that it is again delaying the enforcement of the identity theft regulations through December 31, 2010. This latest delay came at the request of certain members of Congress while Congress considers…
HIPAA Security: Risk Analysis Guidance Issued
On May 7, 2010, the Office of Civil Rights (OCR) issued guidance on the risk analysis requirement of the HIPAA Security Rule. Many providers have not paid close attention to the actual requirements of the HIPAA Security Rule. In addition to covered entity providers that must comply with the security…
HITECH Act Expands Requirements for Accounting of Disclosures
The HIPAA Privacy rule currently provides the right of an individual to receive an “accounting of disclosures,” essentially a listing, of occurrences where a HIPAA covered entity has disclosed the individual’s information to others–but this rule has not considered disclosures made for treatment, payment, and health care operations information that…
Meaningful Use of EHR Technology Expanded
Meaningful use of electronic health records (EHR) technology has recently been expanded to include physicians providing services in outpatient facilities, according to the Continuing Extension Act of 2010. Initially, Congress had intended that only those physicians who purchased and implemented EHR technology would be eligible for the incentive payments, which…
Congress Extends 0% Update to Medicare Physician Fee Schedule
The Continuing Extension Act of 2010 was signed into law on April 15. This law reinstates the March 31 Medicare Physician Fee Schedule (Fee Schedule) rates for physicians, postponing, yet again, the anticipated-21.3% cut. The zero percent (0%) update to the Fee Schedule has been extended to May 31 will…
John Muir Health data breach
Today, John Muir Health began notifying its 5,450 patients about a possible breach of their personal and health information. The notifications came two months after two laptop computers were stolen from the John Muir Physician Network Perinatal office in Walnut Creek, California. Although the laptops were password protected, and there…
UPDATE: OCR Makes Certain HITECH Enforcement Delay Official
HLP reported earlier this week that the failure of OCR to issue HIPAA regulations regarding the implementation of the HITECH Act was likely to lead to a delay in enforcement of the relevant provisions, though no official delay had been announced. In an update on its website on Wednesday, OCR…
Office of Civil Rights Hints it May Delay Enforcement of Security Provisions in HITECH Act
While the HITECH Act technically went into effect last month, on February 17, 2010, HHS’s Office of Civil Rights (“OCR”) has yet to issue guidance and regulations about the implementation of new privacy and security requirements contained in the HITECH Act. Because of this failure, OCR has been hinting that…
ONC Proposes Certification Program for Electronic Health Records Systems
The Office of the National Coordinator for Health Information Technology (“ONC”), an office of the Department of Health and Human Services, released a proposed rule creating a program to certify electronic health records (“EHR”) systems. The rule creates both a temporary and a permanent certification system, designed to assure users…