Implementing HIPAA Security Rule: A Cybersecurity Resource Guide

By:

The Department of Health & Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) announced the publication of the final version of Special Publication (SP) 800-66 Revision 2, Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide. This revised publication, a […]

Read More

HHS Issues New Nondiscrimination Final Rule to Protect Conscience Rights

By:

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a Final Rule, entitled Safeguarding the Rights of Conscience as Protected by Federal Statutes. Several provisions of Federal law protect the conscience rights of certain federally funded health care entities and prohibit recipients of certain Federal funds from requiring individuals and […]

Read More

Administration Introduces Health Care Sector Cybersecurity Strategy

By:

Between 2018 and 2022, the Department of Health & Human Services’ (HHS’) Office for Civil Rights (OCR) has identified a 93 percent increase in large health care-related cybersecurity breaches (369 to 712), with a 278 percent increase in large breaches reported to OCR involving ransomware. In March 2023, President Biden released a National Cybersecurity Strategy […]

Read More

HHS Provides Telehealth, Info Security for Providers & Patients

By:

On Thursday, October 18, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), issued two resource documents to help explain to patients the privacy and security risks to their protected health information (PHI) when using telehealth services and ways to reduce these risks. The first resource is for […]

Read More

OCR Announces Expiration of HIPAA Enforcement Discretion Issued in Response to COVID-19

By:

The Office of Civil Rights (OCR) issued a Federal Register notice that the enforcement discretion of certain rules under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act will expire on May 11, 2023 with the end of the COVID-19 public health […]

Read More

OCR Releases New Recognized Security Practices Video

By:

In recognition of National Cybersecurity Awareness Month, the Office of Civil Rights (OCR) has produced a new video for organizations covered under the HIPAA Rules on Recognized Security Practices. Recommended security practices can help organizations improve their ability to safeguard patient information from cyberattacks and better safeguard the health care services we all rely upon. […]

Read More

HIPAA Resources and Security Risk Assessment Webinar on Wednesday, Thursday

By:

Even though some providers have been living with the Health Insurance Portability and Accountability Act (HIPAA) requirements since 1996, there are still questions about whether an entity is covered and what all the requirements are.  The Office of Civil Rights (OCR) administers HIPAA and has a webpage that contains resources specifically for health care professionals […]

Read More

HHS Issues Guidance on HIPAA and Audio-Only Telehealth

By:

On Monday, June 13, the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), is issuing guidance on how covered health care providers and health plans can use remote communication technologies to provide audio-only telehealth services when such communications are conducted in a manner that is consistent with the applicable requirements […]

Read More

HHS Issues Guidance on HIPAA and Audio-Only Telehealth

By:

On Monday, June 13, the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), is issuing guidance on how covered health care providers and health plans can use remote communication technologies to provide audio-only telehealth services when such communications are conducted in a manner that is consistent with the applicable requirements […]

Read More

Version 3.3 of the HHS Security Risk Assessment Tool Now Available

By:

The Office of the National Coordinator for Health Information Technology (ONC) and Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) have released version 3.3 of the popular HHS Security Risk Assessment (SRA) Tool (https://www.healthit.gov/topic/privacy-security-and-hipaa/security-risk-assessment-tool). This tool is designed to aid small and medium sized health care organizations in […]

Read More

Version 3.3 of the HHS Security Risk Assessment Tool Now Available

By:

The Office of the National Coordinator for Health Information Technology (ONC) and Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) have released version 3.3 of the popular HHS Security Risk Assessment (SRA) Tool (https://www.healthit.gov/topic/privacy-security-and-hipaa/security-risk-assessment-tool). This tool is designed to aid small and medium sized health care organizations in […]

Read More

Ransomware Resources for HIPAA Regulated Entities

By:

Ransomware attacks on health care organizations are a growing threat, so the HHS Office for Civil Rights (OCR) shared with us the following information to ensure that HIPAA regulated entities are aware of the resources available to assist in preventing, detecting, and mitigating breaches of unsecured protected health information caused by hacking and ransomware. HHS […]

Read More