The 800-Pound HIE Gorilla Tiger in "Meaningful Use"
There has been a lot of discussion around the Meaningful Use (MU) criteria. CMS has an entire website dedicated to the subject, as does ONC. Although the clinical criteria of MU may garner much of the...
View ArticleAetna "forgets" file cabinet full of patient information
A reminder to all covered entities out there that may be considering selling their business – don’t forget your file cabinet!! (or computers .. or disks ... or seemingly “empty” boxes where PHI may be...
View Article"Psychotherapy Notes" may Come Out From the Drawer
Currently, "psychotherapy notes" remains a very, very narrowly defined term under the Privacy Rule, and does not include general mental health information, including progress notes. The exact...
View ArticleAccounting of Disclosures Proposed Rule up for Review: The Beginning of a...
Prepared by Krystyna H. Nowik, Esq. The Office of Management and Budget (OMB) has finally received the long-awaited proposed rule addressing HITECH’s accounting of disclosure amendments. As originally...
View Article4.3 Million Penalty Assessed Under HITECH for HIPAA violations
One might say that it looks like HHS and OCR are making up for all those years people have said there has been a lack of enforcement of HIPAA -- 4.3 million dollars worth of "making up for lost time"...
View ArticleKansas Aligns State Privacy Laws with HIPAA as HIE Standard
Today, the State of Kansas’ Senate committee approved (by a vote of 39-0) Senate Bill 133 to align the state’s privacy laws with HIPAA. The Kansas Health Information Exchange, Inc. (the state’s RHIO)...
View ArticleOne, Two HIPAA Penalty Punch from HHS and OCR
Just as gasps from the 4.3 million dollar penalty OCR assessed against Cignet Health of Maryland started to subside, OCR delivers a whopping 1 million dollar penalty to another hospital -- this time to...
View ArticleSecurity Breach Response: Lessons Learned from the Epsilon Breach
Does the notice below look familiar? Chase is letting our customers know that we have been informed by Epsilon, a vendor we use to send e-mails, that an unauthorized person outside Epsilon accessed...
View ArticleHelen Oscislawski Invited to Speak at National HIPAA Summit
I attend the annual National HIPAA Summit in Washington D.C. every year to keep on top of developments with HIPAA and related topics, and so I was thrilled to find out that one of the Co-Chairs of the...
View ArticleHITECH Omnibus and AOD Rules Set for OMB Review
Health Data Management reports that the long-awaited HITECH Omnibus Rule as well as the Accounting of Disclosures (AOD) Rule are set for OMB review. Expected also are proposed regulations for...
View ArticleHITECH Omnibus Rule Out by End of Summer
HealthDataManagement reports that the HITECH "Omnibus Rule" is due to be released by the end of the summer, according to Farzad Mostashari, the National Coordinator for Health Information Technology...
View Article"Final Countdown" to the HITECH Omnibus Rule
The date for publication of the HITECH "Omnibus Rule" has become a contest for some. Data breach consultant, IdExperts, has launched a "Final Coundown" contest for individuals to guess the date on...
View ArticleKaiser Permanente Faces Investigation Over Inappropriate Storage of Patient...
Kaiser Permanente is facing investigation over the handling of approximately 300,000 patient records by a contract storage firm. According to an article in the LA Times, Kaiser contracted with small...
View ArticleDeciphering the HITECH Omnibus Rule: Business Associates
Since the HITECH Notice of Proposed Rulemaking (NPRM) was released in July of 2010, covered entities and business associates have been waiting (im)patiently for the Final HITECH Omnibus Rule to be...
View ArticleTerms and Conditions May Apply: Consequences of Email-Provider Email Scanning
This guest blog post was written by Van Zimmerman, Esq. Van is currently the Privacy and Security Officer at Jersey Health Connect, a New Jersey health information exchange network. Van has over 18...
View Article