ONC’s Guide to Privacy and Security of Electronic Health Information Version 2.0 a Key HIPAA Safeguard Reference

May 29, 2015 In April, the Office of the National Coordinator for Health Information Technology published online Version 2.0 of its Guide to Privacy and Security of Electronic Health Information.  This is an excellent description of requirements and need for safeguarding electronic protected health information, but the document provides little guidance on establishing policies and procedures based on findings from a required risk analysis. 

 

OCR Issues Corrective Action Plan for HIPAA Privacy Rule Violation

May 26, 2015.  The Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) accepted a $125,000 resolution amount from a Colorado compounding pharmacy for disposing of protected health information (PHI) of 1,610 patients “in a dumpster that was accessible to the public” in violation of the HIPAA Privacy Rule.  In the Bulletin issued by OCR entitled:  “HIPAA Settlement Highlights the Continuing Importance of Secure Disposal of Paper Medical Records,” OCR indicated that it “opened a compliance review and investigation after receiving notification from a local Denver news outlet regarding the disposal of unsecured documents containing PHI.”  In the Bulletin, the OCR Director, Jocelyn Samuels stated: 

Cornichon Healthcare Launches HIPAA Safeguard Version 2.0 and Explores with EHNAC Accreditation

Cornichon Healthcare has launched at www.HIPAASafeguard.net Version 2.0 of HIPAA Safeguard that links Cornichon’s risk analysis template—based on protocols established by the National Institute of Standards and Technology (NIST)—with Cornichon’s written, 92 HIPAA-required policies and procedures for safeguarding protected health information (PHI) and 22 forms for documenting safeguard actions, activities, and assessments.  Covered entities and business associates are required by federal law to secure PHI, and, with HIPAA Safeguard, they can now streamline the first step in the compliance process—the required risk analysis—and use the findings to tailor Cornichon’s written safeguard policies and procedures to their business operational environments to achieve and demonstrate compliance

Categories



Archives

  • October 2017 (1)
  • August 2017 (3)
  • July 2017 (1)
  • June 2017 (7)
  • May 2017 (12)
  • April 2017 (10)
  • March 2017 (2)
  • February 2017 (3)
  • January 2017 (4)
  • December 2016 (4)
  • November 2016 (7)
  • October 2016 (7)
  • September 2016 (2)
  • August 2016 (1)
  • July 2016 (3)
  • June 2016 (1)
  • May 2016 (1)
  • April 2016 (8)
  • March 2016 (6)
  • February 2016 (2)
  • December 2015 (1)
  • November 2015 (1)
  • October 2015 (4)
  • September 2015 (1)
  • June 2015 (8)
  • May 2015 (3)
  • April 2015 (2)
  • March 2015 (1)
  • November 2014 (1)
  • September 2014 (15)
  • August 2014 (6)
  • July 2014 (1)
  • June 2014 (13)
  • May 2014 (11)
  • April 2014 (13)
  • March 2014 (6)
  • February 2014 (12)
  • January 2014 (3)
  • December 2013 (1)