“Significant Risk of Harm” No Longer Required to Trigger Breach Notification
When it comes to responding to a Breach, what every Covered Entity (CE) and Business Associate (BA) wants to know is “Do we have to notify, or not?” Completing a documented “Risk Assessment” has always been...
FINALLY! HHS Releases the Final HIPAA/HITECH Omnibus Rule.
Finally, the long awaited Final Rules are out. The Department of Health and Human Services (HHS) posted the HIPAA/HITECH “Omnibus Rule” on January 17, 2013 at 4:15 pm. You can download a copy here, or go straight to the source...
What do Thanksgiving, HIE and Disaster Recovery Have in Common?
First, we want to wish all of our readers across the United States a very healthy and Happy Thanksgiving! We also ask that you remember that this holiday, the Northeast is just emerging from the most devastating natural disaster to...
Is NwHIN going from “Free” to “For Fee”?
Notable news late last week included ONC Coordinator Dr. Farzad Mostashari publishing a blog post stating that ONC has decided NOT to pursue promulgating regulations to govern the NwHIN. The decision was made in part after his Office considered comments...
FDA Moving Forward with Regulating Mobile Health Apps
This post is prepared by Christopher Dodson. Mobile medical apps designed for use on phones and tablets are generally unregulated. In July 2011, the FDA published guidance indicating its intention to use the existing regulatory framework for a...
Will HIPAA Conviction Appeal Loss Open the “Zhou” Gates?
This post is prepared by Christopher Dodson. Readers of this blog are probably familiar with the case of Dr. Huping Zhou, who was successfully prosecuted for violating HIPAA’s privacy protections. Zhou accessed the patient records of...
We “Like” Organ Donor Status on Facebook
This post has been prepared by Christina Strong, Esq. The addition of “organ donor status” to Facebook is a tremendous boon for the communication of what is fast becoming a social norm, altruistic donation of one’s body, to take place after death. Unlike...
Cardiac Surgery MD Group Agrees to Pay $100,000 Settlement to HHS for Lack of HIPAA safeguards
And the HIPAA money keeps rolling to the feds. The latest settlement (announced today) is with a cardiac surgery physician group in Phoenix, Arizona, which has agreed to pay a hefty sum after someone...
Grantees of HIE Funds Get “PIN-ned” on Privacy, Security and Patient Consent
On March 22, 2012 HHS/ONC released a new Program Information Notice (PIN) called the “Privacy and Security Framework Requirements and Guidance for State Health Information Exchange Cooperative Agreement Program” (P&S...
Peeling Back BCBS’s $1.5 Million HIPAA Settlement Onion
As many of our readers have already heard, on March 13, 2012 HHS announced that Blue Cross Blue Shield of Tennessee entered into a Resolution Agreement for $1.5 Million Dollars to settle potential violations of HIPAA. You can access a copy of the Resolution Agreement here. I find this new case...
Feb 29th is Last Day to Report Breaches of <500 to HHS!
For those that have been logging their “small” Breaches (i.e., less than 500 individuals affected) and waiting to report them to HHS at the end of the year, next Wednesday, February 29th is the LAST day to get your information entered into...
ACO Rule Keeps HIE Consent “On the Fence”
When DHHS published its Proposed ACO Rule in April 2011 and then the Final ACO Rule in November 2011 (I’ll refer to them as the “ACO Rules”), discussions focused predominately on issues such as who is “qualified” to participate, what the required governance structure should be, what methodology will be used to assign Medicare beneficiaries, and what the payment models will be. However, as I digested the ACO Rules, my reading deliberately slowed down as I zeroed in on the not unremarkable language and comments CMS included with regard to sharing individually identifiable health information in the ACO context.
Helen Oscislawski Invited to Speak at National HIPAA Summit
I attend the annual National HIPAA Summit in Washington D.C. every year to keep on top of developments with HIPAA and related topics, and so I was thrilled to find out that one of the Co-Chairs of the ONC Privacy and Security Tiger Team...
Federal Government Releases Updated DURSA for NHIN Participants
An Amended and Restated DURSA dated May 3, 2011 was released November 30, 2011. The DURSA is an acronym for the “Data Use and Reciprocal Support Agreement.” It is a comprehensive agreement to govern the exchange of health...
HIPAA Audits Begin November 2011, How Can Covered Entities and Business Associates Prepare?
The United States Department of Health and Human Services (HHS) has announced that it will begin HIPAA audits of covered entities and business associates this November 2011, and its contracted...