Health and Human Services ("HHS") Secretary Kathleen Sebelius announced yesterday important new proposed rules and resources to strengthen the privacy of health information and to help all Americans understand their rights and the resources available to safeguard their personal health data. 

The official release date of the new proposed rules is July 14, 2010.  These

As issued in June 2010, 45 CFR Part 170 – The Health Information Technology: Initial Set of Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology establishes certification programs for purposes of testing and certifying health information technology. This Rule specifically establishes:

The U.S. Department of Health and Human Services ("HHS") has issued draft guidance on HIPAA Security Standards as they pertain to risk analysis. The aim is to assist organizations in identifying and implementing the most effective and appropriate administrative, physical, and technical safeguards to secure electronic protected health information (also known as "ePHI").

While the draft

Contributed by Lee Kim, Esquire

The American Medical Association has posted HIPAA Security Rule guidance for physicians.  It recommends that electronic protected health information ("ePHI") should be encrypted and suggests that AES technology should be used (as a more secure alternative to RSA technology).  Both data at rest (e.g., files which reside on your hard drive

The American Medical Association has created a resource for physicians to understand the HIPAA Privacy and Security Rules and their changes as a result of the 2009 economic stimulus package. 

This resource outlines new requirements:

  1. Protection of patient information;
  2. How to comply with patients’ requests to access

Contributed by Lee Kim, Esquire

lkim@tuckerlaw.com or 412.594.3915

1)  Access control under 45 C.F.R. §312(a).

Policies and procedures must be implemented for information systems that maintain ePHI to ensure that access is allowed only to those persons or software programs that have been granted access rights.

In particular, a unique user identification must be assigned to each

A new website is now available from the Centers for Medicare & Medicaid Services (CMS) concerning Health Information Technology as provided for in the American Recovery and Reinvestment Act of 2009.  On this website, you can find information pertaining to the Medicare and Medicaid incentives for electronic health records adoption and important links to related

HIOs and Regional Health Information Networks (RHINs) are being created to facilitate the exchange of information among providers. HIOs and RHINs are typically not statutorily governed by HIPAA, other than perhaps as Business Associates. The HHS guidance, issued in conjunction with The Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information, covers