October 28, 2015. On September 28, 2015, the Office of Inspector General (OIG) at the Department of Health and Human Resources (HHS) issued an OIG report entitled: OCR Should Strengthen Its Oversight of Covered Entities’ Compliance with the HIPAA Privacy Standards. In its report, OIG noted the following:
October 20, 2015. On Friday, October 16, the Centers for Medicare & Medicaid Services (CMS) published in the Federal Register its Final Rule: Medicare and Medicaid Programs; Electronic Health Record Incentive Program—Stage 3 and Modifications to Meaningful Use in 2015-2017. The regulations are effective on Tuesday, December 15, 2015. The summary, which appears on page 62762 follows:
In our October 7, 2015, Webinar on Risk Analysis requirements pertaining to the HIPAA Security Rule, sponsored by the Workgroup for Electronic Data Interchange (WEDI), I highlighted the growing importance of written documentation showing that risks to electronic information systems and devices containing protected health information had been evaluated and safeguards implemented to mitigate those risks. HIPAA Integrity sequentially links risk analysis findings->safeguard policies and procedures->breach assessment and notification, and, available January 25, 2016, ->safeguard training for workforce members.
Our First Webinar Covers: Conducting a Risk Analysis.