OCR Issues Guidance on HIPAA, COVID-19 Vaccinations, and the Workplace

By:

On Thursday, September 30, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) issued guidance to help the public understand when the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule applies to disclosures and requests for information about whether a person has received a COVID-19 vaccine. The […]

Read More

Webinar on Enhancements to HHS Security Risk Assessment Tool

By:

The Office of the National Coordinator for Health Information Technology (ONC) and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services are hosting a new webinar for users of the Security Risk Assessment Tool. Learn about the SRA Tool and how it can be used at your organization, hear […]

Read More

Cyber Alert: Updates on Ransomware and Critical VMware Vulnerability

By:

The Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology has released a memo titled “What We Urge You To Do To Protect Against The Threat of Ransomware.”  This memo addresses the growing number and size of ransomware incidents and calls upon government and private sector to take steps […]

Read More

Security Alert: Postcard Disguised as Official OCR Communication

By:

The Office of Civil Rights (OCR) of the U.S. Department of Health & Human Services (HHS) has been made aware of postcards being sent to health care organizations informing the recipients that they are required to participate in a “Required Security Risk Assessment” and they are directed to send their risk assessment to www.hsaudit.org.  The link […]

Read More

NAHC Submits Comments On Proposed HIPAA Privacy Rule

By:

On January 21, 2021, the Office of Civil Rights under the Department of Health and Human Services issued a propose rule: Proposed Modifications to the HIPAA Privacy Rule To Support, and Remove Barriers to Coordinated Care and Individual Engagement Office HHS proposes to make a number of changes to the HIPAA Privacy Rule to strengthen […]

Read More

New Legal Guidance and Resources to Expand Access to COVID-19 Vaccines for Elderly & Disabled

By:

The Office for Civil Rights (OCR), the Administration for Community Living (ACL), and the Office of the Assistant Secretary for Planning and Evaluation (ASPE) at the U.S. Department of Health and Human Services (HHS) have published several new resources to help states, vaccination providers, and others leading COVID-19 response activities improve access to vaccines for […]

Read More

Cyber Alert: Mitigating Microsoft Exchange Server Vulnerabilities

By:

The Office for Civil Rights (OCR) of the Department of Health & Human Services (HHS) is sharing the following Updated Alert on Mitigating Microsoft Exchange Vulnerabilities to assist HIPAA-covered entities and their business associates in addressing serious threats to Microsoft Exchange servers.  Organizations are encouraged to review the information below and take appropriate action. The […]

Read More

OCR Issues Audit Report on Health Care Industry Compliance with the HIPAA Rules

By:

Late last month, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) released its 2016-2017 HIPAA Audits Industry Report that reviewed selected health care entities and business associates for compliance with certain provisions of the HIPAA Privacy, Security, and Breach Notification Rules. The Health Information Technology for Economic […]

Read More

OCR Issues Guidance on HIPAA, Health Information Exchanges, and Disclosures of Protected Health Information for Public Health Purposes

By:

On Friday, December 18, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued guidance on how the Health Insurance Portability and Accountability Act of 1996 (HIPAA) permits covered entities and their business associates to use health information exchanges (HIEs) to disclose protected health information (PHI) for the […]

Read More

Office for Civil Rights Issues Resource Document on HIPAA and IT Asset Inventories

By:

The Department of Health & Human Services (HHS) Office for Civil Rights (OCR) has published, as  part of its Summer 2020 Cybersecurity Newsletter, a resource document to assist covered entities in conduction of an effective risk analysis to ensure compliance with the Security Rule.  The OCR is tasked with enforcing the Health Insurance Portability and […]

Read More

Feds Issue Health Care Malware Warning

By:

The Office of Civil Rights (OCR) of the Department of Health and Human Services has issued a warning to health care providers about the Taidoor Malware being used by the Chinese government. The warning from the OCR and the Assistant Secretar for Preparedness and Response (ASPR) includes a warning about malware, as well as response […]

Read More

Alert: Watch Out for a Postcard Disguised as Official OCR Communication

By:

The Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) is alerting the public of postcards being sent to health care organizations disguised as official OCR communications and claiming to be notices of a mandatory HIPAA compliance risk assessment.  The postcards have a Washington, D.C. return address, and the sender […]

Read More