Search Results
The default setting for search results displays All Content. If you prefer to see recent content only, please adjust the date filter.
Filter your results:
Types
Topics
61 Results Found
OCR finalizes rule prohibiting certain reproductive health care disclosures
The Department of Health & Human Services’ Office for Civil Rights April 22 released a final rule prohibiting entities regulated by the HIPAA Privacy Rule from using or disclosing protected health information to investigate or prosecute patients, providers or others involved in providing legal reproductive health services.
Cassidy proposes ways to strengthen health data privacy
Senate Health, Education, Labor & Pensions Committee Ranking Member Bill Cassidy, R-La., Feb. 21 released a report proposing ways to modernize the existing HIPAA framework and protect health and other data not covered by HIPAA.
NIST updates HIPAA cybersecurity resource guide
The National Institute of Standards and Technology this week released updated guidance to help HIPAA-covered entities and business associates assess and manage cybersecurity risks to electronic protected health information and comply with the HIPAA security rule.
Outdated Regs Impede Care Transformation
Last week, we released a report as part of the AHA’s on-going campaign seeking regulatory relief for hospitals and health systems. It highlights how outdated fraud and abuse regulations created under the Stark and Anti-Kickback laws are barriers to transforming patient care.
OCR releases telehealth privacy and security resources for providers, patients
The Department of Health and Human Services’ Office for Civil Rights Oct. 18 released a resource for health care providers who choose to educate patients about telehealth privacy and security, noting that the HIPAA rules do not require it.
HHS updates tool to help providers assess HIPAA security risks
The Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology and Office for Civil Rights have updated their tool to help health care providers (especially smaller organizations) identify and assess potential risks to electronic protected health information, as required by the HIPAA Security Rule.
COVID-19 HIPAA transition period for telehealth expires
Health care providers must comply with the HIPAA rules with respect to telehealth effective Aug. 9 at 11:59 p.m., when the 90-day enforcement discretion period announced in April expires.
CMS urged not to implement proposed prior authorization attachment standard
The AHA July 27 joined AHIP, the American Medical Association, and Blue Cross Blue Shield Association in urging the Centers for Medicare & Medicaid Services not to implement its proposed HIPAA prior authorization standards for claims attachments due to conflicting regulatory proposals, which “would create the very same costly burdens” that administrative simplification seeks to alleviate.
Agencies warn hospitals, others about tracking technology compliance risks
The Department of Health and Human Services’ Office for Civil Rights and Federal Trade Commission yesterday sent a letter to about 130 hospital systems and telehealth providers reminding them to comply with HIPAA Privacy, Security and Breach Notification Rules, the FTC Act and FTC Health Breach Notification Rule when using technologies that can track a user’s online activities, such as Meta/Facebook Pixel and Google Analytics.
FTC proposes changes to breach notification requirements for entities not covered by HIPAA
The Federal Trade Commission June 8 released for public comment a notice of proposed changes to breach notification requirements for entities that collect health information but are not covered by HIPAA’s privacy and security requirements.