Administration Introduces Health Care Sector Cybersecurity Strategy

By:

Between 2018 and 2022, the Department of Health & Human Services’ (HHS’) Office for Civil Rights (OCR) has identified a 93 percent increase in large health care-related cybersecurity breaches (369 to 712), with a 278 percent increase in large breaches reported to OCR involving ransomware. In March 2023, President Biden released a National Cybersecurity Strategy […]

Read More

OCR Announces Expiration of HIPAA Enforcement Discretion Issued in Response to COVID-19

By:

The Office of Civil Rights (OCR) issued a Federal Register notice that the enforcement discretion of certain rules under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act will expire on May 11, 2023 with the end of the COVID-19 public health […]

Read More

Register for HIPAA Administrative Simplification Proposed Rule Call on January 25

By:

The Centers for Medicare & Medicaid Services (CMS) National Standards Group (NSG) invites you to register for a call about the Administrative Simplification: Adoption of Standards for Health Care Attachments Transactions and Electronic Signatures, and Modification to Referral Certification and Authorization Transaction Standard proposed rule that was released on December 21. The call will be held on Wednesday, […]

Read More

CMS Proposes Electronic Standards for Clinical, Admin Data

By:

The Department of Health and Human Services (HHS) has issued a proposed rule titled Administrative Simplification: Adoption of Standards for Health Care Attachments Transactions and Electronic Signatures, and Modification to Referral Certification and Authorization Transaction Standard The rule would adopt a set of standards for the electronic exchange of clinical and administrative data to support […]

Read More

OCR Releases New Recognized Security Practices Video

By:

In recognition of National Cybersecurity Awareness Month, the Office of Civil Rights (OCR) has produced a new video for organizations covered under the HIPAA Rules on Recognized Security Practices. Recommended security practices can help organizations improve their ability to safeguard patient information from cyberattacks and better safeguard the health care services we all rely upon. […]

Read More

Ransomware Resources for HIPAA Regulated Entities

By:

Ransomware attacks on health care organizations are a growing threat, so the HHS Office for Civil Rights (OCR) shared with us the following information to ensure that HIPAA regulated entities are aware of the resources available to assist in preventing, detecting, and mitigating breaches of unsecured protected health information caused by hacking and ransomware. HHS […]

Read More

OCR Issues Guidance on HIPAA, COVID-19 Vaccinations, and the Workplace

By:

On Thursday, September 30, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) issued guidance to help the public understand when the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule applies to disclosures and requests for information about whether a person has received a COVID-19 vaccine. The […]

Read More

CMS Issues Guidance on Determining Hospice Beneficiary Enrollment in MA VBID Hospice Model for CY2022

By:

CMS Orders Systems Changes to Identify Hospice Patients in the Model In calendar year 2022 (CY2022), the Medicare Advantage (MA) Value-based Insurance Model (VBID) Hospice Component demonstration model – under which the hospice benefit is included as part of the MA benefit package — will enter its second year of operation and it is believed he […]

Read More

Security Alert: Postcard Disguised as Official OCR Communication

By:

The Office of Civil Rights (OCR) of the U.S. Department of Health & Human Services (HHS) has been made aware of postcards being sent to health care organizations informing the recipients that they are required to participate in a “Required Security Risk Assessment” and they are directed to send their risk assessment to www.hsaudit.org.  The link […]

Read More

NAHC Submits Comments On Proposed HIPAA Privacy Rule

By:

On January 21, 2021, the Office of Civil Rights under the Department of Health and Human Services issued a propose rule: Proposed Modifications to the HIPAA Privacy Rule To Support, and Remove Barriers to Coordinated Care and Individual Engagement Office HHS proposes to make a number of changes to the HIPAA Privacy Rule to strengthen […]

Read More

Call for Comments on Implementing the HIPAA Security Rule

By:

The National Institute for Standards and Technology (NIST) is planning to update the NIST Special Publication (SP) 800—66, Revision 1, An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule (“Resource Guide”). NIST is seeking stakeholder input on the purpose of the Resource Guide to educate readers about information security terms […]

Read More

HHS Proposes Changes To The HIPAA Regulations

By:

On January 21, 2021 the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) issued proposed changes to the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule to support individuals’ engagement in their care, remove barriers to coordinated care, and reduce regulatory burdens on the health care industry. Several of […]

Read More