Category Archives: HIPAA, HIT and EHR

Subscribe to HIPAA, HIT and EHR RSS Feed

OCR Posts Protocol for Audits Required by HITECH Act

OCR posted on its website the protocol used to conduct the audits required by the HITECH Act.  The OCR HIPAA Audit program analyzes key processes, controls, and policies of selected covered entities pursuant to the HITECH Act audit requirement.  OCR established a comprehensive audit protocol that contains the requirements to be assessed through these performance … Continue Reading

United States will Allocate Spectrum for Medical Area Body Networks

Contributed by Lee Kim, Esq. 412.594.3915   The Federal Communications Commission (FCC) announced that it will adopt rules to enable Medical Body Area Networks (MBANs)).  MBANs are low-power wideband networks.  MBAN technology comprises multiple body-worn sensors that transmit patient data to a control device for actively monitoring a patient’s health, such as vital signs, blood glucose … Continue Reading

CMS Publishes Corrections to Meaningful Use Stage 2 Proposed Rule

The Centers for Medicare and Medicaid Services has published corrections to its Meaningful Use Stage 2 proposed rule in the Federal Register.  “This document corrects technical errors and typographical errors in the proposed rule entitled ‘Medicare and Medicaid Programs; Electronic Health Record Incentive Program—Stage 2’ which appeared in the March 7, 2012, Federal Register.”  The … Continue Reading

HHS Settlement with Physician Practice

Contributed by: Lee Kim, Esq. 412.594.3915   The HHS Office for Civil Rights (OCR) received a report that a physician practice, Phoenix Cardiac Surgery (PCS), was posting clinical and surgical appointments for their patients on an Internet-based calendar that was publicly accessible.  OCR investigated and found that PCS  had implemented few policies and procedures to … Continue Reading

Data Breach of 24,000 Medicaid Claims by Hackers

  Contributed by Lee Kim, Esq. 412.594.3915 Representatives from the Utah Department of Health (UDOH) and the Utah Department of Technology Services (DTS) announced details of a data breach by hackers involving 24,000 Medicaid claims.  Information which may have been compromised included names, addresses, social security numbers, birth dates, and procedure codes according to the … Continue Reading

ONC Mobile Devices Roundtable

Contributed by: Lee Kim, Esq. 412.594.3915 Previously, we commented on the ONC Mobile Devices Roundtable on March 16, 2012.  Now, the video and other materials are available online.  These materials may be accessed via the following link: http://healthit.hhs.gov/portal/server.pt/community/healthit_hhs_gov__mobile_devices_roundtable/3815?q=mobiledevicesroundtable#archive.  (ONC has a Youtube video channel.  This link leads to that for the video content.)  … Continue Reading

Thoughts on the ONC Health IT Mobile Devices Roundtable: Safeguarding Health Information

Contributed by: Lee Kim, Esq. 412.594.3915 The ONC Health IT Mobile Devices roundtable is being aired today, on March 16, 2012, by way of live video webcast at http://www.hhs.gov/live.  Here are my thoughts upon hearing the content (which is certainly instructive and helpful) (and this was submitted to ONC Health IT for public comment): 1. … Continue Reading

HHS Settles HIPAA Case with Blue Cross Blue Shield of Tennessee for $1.5 Million

Contributed by: Lee Kim, Esq. 412.594.3915 The HITECH Breach Notification Rule requires covered entities to report an impermissible use or disclosure of protected health information, or a “breach,” of 500 individuals or more to HHS and the media.  Smaller breaches affecting less than 500 individuals must be reported to the secretary on an annual basis.  … Continue Reading

Meaningful Use Stage 2 NPRM

Contributed by: Lee Kim, Esq. 412.594.3915 CMS has released the notice of proposed rulemaking for meaningful use stage 2 and has provided an overview fact sheet outlining the differences from stage 1. Link to NPRM: http://www.ofr.gov/OFRUpload/OFRData/2012-04443_PI.pdf Link to fact sheet: https://www.cms.gov/apps/media/press/factsheet.asp?Counter=4286&intNumPerPage=10&checkDate=&checkKey=&srchType=1&numDays=3500&srchOpt=0&srchData=&keywordType=All&chkNewsType=6&intPage=&showAll=&pYear=&year=&desc=&cboOrder=date… Continue Reading

HIPAA Privacy and Security Rule Audits and Enforcement

  Contributed by Lee Kim, Esq. 412.594.3915 The HITECH Act mandates HIPAA audit and enforcement. In that vein, the US Department of Health and Human Services Office for Civil Rights (OCR) announced a pilot program to perform audits of covered entities to assess their HIPAA Privacy and Security compliance. The covered entities to be audited include a … Continue Reading

Mobile Devices Roundtable: Safeguarding Health Information

  Mobile Devices Roundtable: Safeguarding Health Information   Friday, March 16, 2012, 8:30 a.m. – 12:30 p.m. EST   Location: Hubert H. Humphrey Building U.S. Department of Health and Human Services – Great Hall 200 Independence Avenue, S.W., Washington, DC   Or via webcast (please see the HealthIT.gov link below)   The Roundtable will include … Continue Reading

MARCH 8-9, 2012: Canada – US Healthcare Technology Summit: Improving Care through Innovation

MARCH 8-9, 2012: Canada – US Healthcare Technology Summit: Improving Care through Innovation Thursday evening networking 3/8/12 & Educational Seminar Friday 3/9/12 Doubletree Pittsburgh As total annual U.S. healthcare costs continue to soar, the role of healthcare and technology has taken over discussions in Washington and on Wall Street – and now Pittsburgh. On March … Continue Reading

Tucker Arensberg, PC attorney appointed to American Bar Association’s eHealth Privacy and Security Special Interest Group

Lee Kim has been appointed to the American Bar Association’s eHealth Privacy and Security Special Interest Group as a Health Law and Policy Coordinating Committee Liaison and a Web Liaison.  A new goal of this special interest group is to foster a collaborative relationship between IT professionals and healthcare attorneys so that each group may … Continue Reading

PBI Publishes e-Book on Electronic Health Records

The Pennsylvania Bar Institute (PBI) has published an e-book on electronic health records authored by Tucker Arensberg, PC attorney Lee Kim, Esq.  Topics include the definition and purpose of EHR systems, client server and hosted solutions, types of EHR, certified EHR technology, requirements and objectives of "Meaningful Use," Medicare and Medicaid EHR Incentive Programs, HIPAA, … Continue Reading

MARCH 8-9, 2012: Canada – US Healthcare Technology Summit: Improving Care through Innovation

  Contributed by: Lee Kim, Esq. 412.594.3915 Thursday evening networking 3/8/12 & Educational Seminar Friday 3/9/12 Doubletree Pittsburgh   The Consulate General of Canada in Buffalo, along with their partner, the Western Pennsylvania HIMSS Chapter, is hosting a Canada – US Healthcare Technology Summit in Pittsburgh, PA. As total annual U.S. healthcare costs have passed $2 trillion, … Continue Reading

OIG Issues Favorable Advisory Opinion to Vendor of Web-Based Business Services for Physician Services (OIG Advisory Opinion No. 11-18)

Contributed by Lee Kim, Esq. 412.594.3915   A vendor of web-based services to help physicians achieve faster reimbursement from payors, reduce error rates, improve collection rates, improve patient compliance and satisfaction, and more efficiently manage clinical and billing information requested an advisory opinion from the Department of Health and Human Services Office of Inspector General … Continue Reading

ONS Health Information Technology (HIT) Think Tank Meeting

The Oncology Nursing Society (ONS), headquartered in Pittsburgh, Pennsylvania, hosted a two-day health IT think tank meeting.  The first day featured national speakers from Epic Systems, Cerner Corporation, CCHIT, University of Colorado at Denver, Fletcher Allen Health Care, Cleveland Clinic Health System, Quality Insights of Pennsylvania, American Society of Clinical Oncology, and Tucker Arensberg.  The … Continue Reading

90-Day Delay for Enforcing Compliance of HIPAA Transaction Standards

CMS’ Office of E-Health Standards and Services ("OESS") has announced that it has delayed enforcement until March 31, 2012 for any HIPAA covered entity that is not in compliance with the ASC X12 Version 5010 (Version 5010), NCPDP Telecom D.0 (NCPDP D.0), and NCPDP Medicaid Subrogation 3.l0 (NCPDP 3.0) standards.  However, the compliance date for … Continue Reading

HIPAA Privacy and Security Audit Program

This is simply a reminder that the Office of Civil Rights (OCR) pilot audit program to access the privacy and security compliance of covered entities will commence November 2011 and conclude by December 2012. The attached link provides details about the program.  http://www.hhs.gov/ocr/privacy/hipaa/enforcement/audit/index.html         … Continue Reading
LexBlog