October 17, 2019

October 17, 2019

Subscribe to Latest Legal News and Analysis

October 16, 2019

Subscribe to Latest Legal News and Analysis

October 15, 2019

Subscribe to Latest Legal News and Analysis

Office of the National Coordinator for Health Information Technology Releases Privacy and Security Guidance Geared Toward Small Providers

The HHS Office of the National Coordinator for Health Information Technology (“ONC”) recently released a new and improved version 2.0 of their Guide to Privacy and Security of Electronic Health Information.  This revamped version has been reorganized and rewritten to be more user-friendly for small organizations addressing federal privacy and security requirements for their practices.  Though the Guide is targeted to small providers, providers of all sizes, and their business associates, will find it useful.

The Guide provides a general overview of the HIPAA Privacy and Security Rules and the EHR Incentive Programs, and gives pragmatic advice in areas including:

  • How to identify whether a contractor is a Business Associate under HIPAA;

  • When patient authorizations are and are not required to disclose protected health information (“PHI”);

  • Questions to ask EHR health IT developers about security; and

  • How to implement a security management process to address the security requirements of the EHR Incentive Programs.

In addition to the Guide, providers can use the HIPAA compliance and training tools developed by ONC and the Office for Civil Rights (“OCR”) to assess their current privacy and security practices, including the security risk assessment tool, the HIPAA Phase I audit protocol, and ONC’s privacy and security training games.

©1994-2019 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.

TRENDING LEGAL ANALYSIS


About this Author

Kate Stewart, Mintz Levin Law Firm, Boston, Health Care Law Attorney
Associate

Kate’s practice involves a variety of regulatory and transactional matters for healthcare providers, including hospitals, physician groups, clinical laboratories, retail health clinics, and pharmacies.  

Kate counsels health care clients on HIPAA compliance, telemedicine practice, licensure and scope of practice issues, clinical trial compliance, physician contracting and the federal Physician Payments Sunshine Act. 

For both Covered Entities and Business Associates, she has advised on initial implementation and updates...

617-348-4427