A final rule establishing the temporary certification program for electronic health record (“EHR”) technology was released today by the Office of the National Coordinator for Health Information Technology (“ONC”). As explained by the HHS press release and in a previous HLP blog about the proposed rule, the HITECH Act of…
In a not surprising turn of events, days before the June 1st deadline, the Federal Trade Commission (“FTC”) announced that it is again delaying the enforcement of the identity theft regulations through December 31, 2010. This latest delay came at the request of certain members of Congress while Congress considers…
On May 7, 2010, the Office of Civil Rights (OCR) issued guidance on the risk analysis requirement of the HIPAA Security Rule. Many providers have not paid close attention to the actual requirements of the HIPAA Security Rule. In addition to covered entity providers that must comply with the security…
The HIPAA Privacy rule currently provides the right of an individual to receive an “accounting of disclosures,” essentially a listing, of occurrences where a HIPAA covered entity has disclosed the individual’s information to others–but this rule has not considered disclosures made for treatment, payment, and health care operations information that…
Meaningful use of electronic health records (EHR) technology has recently been expanded to include physicians providing services in outpatient facilities, according to the Continuing Extension Act of 2010. Initially, Congress had intended that only those physicians who purchased and implemented EHR technology would be eligible for the incentive payments, which…
The Continuing Extension Act of 2010 was signed into law on April 15. This law reinstates the March 31 Medicare Physician Fee Schedule (Fee Schedule) rates for physicians, postponing, yet again, the anticipated-21.3% cut. The zero percent (0%) update to the Fee Schedule has been extended to May 31 will…
Today, John Muir Health began notifying its 5,450 patients about a possible breach of their personal and health information. The notifications came two months after two laptop computers were stolen from the John Muir Physician Network Perinatal office in Walnut Creek, California. Although the laptops were password protected, and there…
HLP reported earlier this week that the failure of OCR to issue HIPAA regulations regarding the implementation of the HITECH Act was likely to lead to a delay in enforcement of the relevant provisions, though no official delay had been announced. In an update on its website on Wednesday, OCR…
While the HITECH Act technically went into effect last month, on February 17, 2010, HHS’s Office of Civil Rights (“OCR”) has yet to issue guidance and regulations about the implementation of new privacy and security requirements contained in the HITECH Act. Because of this failure, OCR has been hinting that…
The Office of the National Coordinator for Health Information Technology (“ONC”), an office of the Department of Health and Human Services, released a proposed rule creating a program to certify electronic health records (“EHR”) systems. The rule creates both a temporary and a permanent certification system, designed to assure users…