Office for Civil Rights
HHS Issues Guidance on HIPAA and Audio-Only Telehealth
On Monday, June 13, the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), is issuing guidance on how covered health care providers and health plans can use remote communication technologies to provide audio-only telehealth services when such communications are conducted in a manner that is consistent with the applicable requirements […]
Read MoreHHS Issues Guidance on HIPAA and Audio-Only Telehealth
On Monday, June 13, the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), is issuing guidance on how covered health care providers and health plans can use remote communication technologies to provide audio-only telehealth services when such communications are conducted in a manner that is consistent with the applicable requirements […]
Read MoreRansomware Resources for HIPAA Regulated Entities
Ransomware attacks on health care organizations are a growing threat, so the HHS Office for Civil Rights (OCR) shared with us the following information to ensure that HIPAA regulated entities are aware of the resources available to assist in preventing, detecting, and mitigating breaches of unsecured protected health information caused by hacking and ransomware. HHS […]
Read MoreWebinar on Enhancements to HHS Security Risk Assessment Tool
The Office of the National Coordinator for Health Information Technology (ONC) and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services are hosting a new webinar for users of the Security Risk Assessment Tool. Learn about the SRA Tool and how it can be used at your organization, hear […]
Read MoreCyber Alert: Updates on Ransomware and Critical VMware Vulnerability
The Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology has released a memo titled “What We Urge You To Do To Protect Against The Threat of Ransomware.” This memo addresses the growing number and size of ransomware incidents and calls upon government and private sector to take steps […]
Read MoreNew Legal Guidance and Resources to Expand Access to COVID-19 Vaccines for Elderly & Disabled
The Office for Civil Rights (OCR), the Administration for Community Living (ACL), and the Office of the Assistant Secretary for Planning and Evaluation (ASPE) at the U.S. Department of Health and Human Services (HHS) have published several new resources to help states, vaccination providers, and others leading COVID-19 response activities improve access to vaccines for […]
Read MoreCyber Alert: Mitigating Microsoft Exchange Server Vulnerabilities
The Office for Civil Rights (OCR) of the Department of Health & Human Services (HHS) is sharing the following Updated Alert on Mitigating Microsoft Exchange Vulnerabilities to assist HIPAA-covered entities and their business associates in addressing serious threats to Microsoft Exchange servers. Organizations are encouraged to review the information below and take appropriate action. The […]
Read MoreSurveyors to Enforce CDC Guidance for the 2019 Coronavirus
The Centers for Medicare & Medicaid Services (CMS) has issued a letter to surveyors that addresses infection control adherence for health care facilities related to the 2019 Novel Coronavirus (2019-nCoV), and reminds surveyors that providers must consider emerging infectious diseases in their emergency preparedness plans. The letter includes interim guidance issued by the Centers for […]
Read MoreNew Version of Security Risk Assessment Tool has Important New Features
Today, October 31, is the last day of National Cyber Awareness Month (NCSAM), so NAHC wants to inform you that the Office for Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC) have released version 3.1 of the popular HHS Security Risk Assessment (SRA) Tool. You can download this […]
Read MoreNew HHS Fact Sheet on Direct Liability of Business Associates under HIPAA
The Health and Human Services (HHS) Office for Civil Rights (OCR) has issued a new fact sheet that provides a clear compilation of all provisions through which a business associate can be held directly liable for compliance with certain requirements of the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (“HIPAA Rules”), in accordance with […]
Read More
