News and Toolkit Updates
From the PrivaPlan Blog
HHS releases new guidance for audio-only telehealth
This week the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released guidance to ensure covered health care providers and health plans stay HIPAA compliant when providing audio-only telehealth services.
HIPAA Updates are Focus of Proposed Legislation
What happens online stays online. It’s a fact of modern living. However, when that pertains to patient data, is enough being done to protect who has access to it?
Can I share a coronavirus patient’s information to protect the public?
This month in light of the Novel Coronavirus (2019-nCoV) outbreak, the Department of Health and Human Services (HHS) released a bulletin reminding HIPAA covered entities and their business associates of the ways they may share patient information during an outbreak of infectious disease or other emergency situations.
HHS releases proposal to overhaul patient privacy rules for addiction treatment
The Department of Health and Human Services (HHS) announced proposed changes late last week to the federal regulations governing the confidentiality of patient records created by federally-assisted substance use disorder treatment programs, known as 42 CFR Part 2. Drafted in 1975, 42 CFR Part 2 was designed to protect patient records created by federally-assisted programs…
HHS reduces maximum civil penalties for HIPAA violations
The HHS published a Notification of Enforcement Discretion Regarding HIPAA Civil Money Penalties that changes the interpretation of fines for violations defined under the HITECH Act, effectively reducing some of the annual limits.
HHS waives HIPAA sanctions and penalties for hurricane-affected hospitals
As Hurricane Florence continues its destructive path, hospitals affected by the storm have been given the go ahead to break certain provisions of the HIPAA Privacy Rule.
OCR releases guidance on Cloud Computing and HIPAA
The OCR released a guidance on October 6 that attempts to clear things up regarding cloud service providers and HIPAA.
Latest HIPAA settlement shows importance of up-to-date BA agreements
On Sept. 23, 2016, the OCR announced its second HIPAA enforcement action against a business associate to the tune of $400,000. The hospital had previously entered into a settlement of $150,000 for its part in the breach.
Join Oct. 12 webcast: BAs, HIPAA Risk Management
More and more, HIPAA breaches are caused by the Business Associates of HIPAA covered entities. Learn how to manage these risks in Oct. 12 webcast.
OCR is stepping up its investigations of smaller breaches
The OCR has begun an initiative to more widely investigate the root causes of smaller breaches affecting fewer than 500 individuals.
OCR Desk Audits are beginning
This week selected covered entities began receiving notification letters for Phase Two of OCR’s HIPAA audit program which involve desk audits.
Sign up for June 20 webcast: MACRA + MIPS, Education and Action Planning
Join David Ginsberg, CEO of PrivaPlan Associates, Inc., as he addresses the not-so-distant future of Medicare payment reform and how this will affect meaningful use and planning for certified electronic health records.
David Ginsberg explains new HIPAA audits in webinar
PrivaPlan President David Ginsberg leads June 28 webinar hosted by CORHIO about new HIPAA audits of covered entities and their business associates.
AMA’s top 9 list includes focus on health IT
This month the American Medical Association (AMA) released a list of the nine top issues they believe physicians should watch in the coming year and why, and what the AMA is doing to address the issues. We’re going to look at the two that call out health IT.
Congress makes it easier to reach Meaningful Use
The Patient Access and Medicare Protection Act (S. 2425) was passed by both chambers of Congress on Friday, December 18.