Posts Categorized: HIPAA Privacy & Security

HIPAA Privacy Update

in HIPAA Privacy & Security

Today, HHS issued guidance regarding how to de-identify protected health information [Guidance] Excerpt from the HHS Press Release: “This guidance fulfills the American Recovery and Reinvestment Act of 2009 (ARRA) mandate that HHS issue such guidance. In response to this mandate, OCR collected research and views regarding de-identification approaches, best practices for implementation and management of the current de-identification standard and potential changes to address policy concerns. OCR solicited stakeholder input from experts with practical technical and policy experience to inform the creation of guidance materials by organizing an in-person workshop consisting of multiple panel sessions, each addressing a specific… Continue Reading

OCR HIPAA Audits

in HIPAA Privacy & Security

The Office for Civil Rights “unofficially” announced that it will continue through 2013 the HIPAA audit program that started this year. This is the program that OCR developed with KPMG. The program will be conducting audits on all types of covered entities.

HIPAA Audits

in HIPAA Privacy & Security

Yesterday, OCR posted the protocal and requirements that it will use to audit covered entities for HIPAA privacy, security and breach notification violations. The protocal can be accessed at: http://ocrnotifications.hhs.gov/hipaa.html

JCEB Week

in HIPAA Privacy & Security

As some of you know, this week is JCEB week here in DC, when the Joint Committee on Employee Benefits meets with all the agencies.  This morning we met with HHS Office of Civil Rights, discussing important issues under the HIPAA privacy and security rules.  I want to thank the OCR staff for making this such a productive meeting.  They really put a lot of time and effort into these meetings, even though they are not required to do so.  The Q&As take some time to filter out onto the JCEB website, but I’m sure they will be available hopefully… Continue Reading