Health Privacy

Transmitting PHI by Email

May 27, 2014 By Angela Burnette

Email has become an important mode of communication for business operations, with approximately 100 billion business emails sent in 2013 alone. Included in these messages are patients’ personal and health information, such as test results, diagnoses, and social security numbers. The Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996 […]

OCR and ONC Release New Security Risk Assessment Tool

April 3, 2014 By Privacy, Cyber & Data Strategy Team

Late last week, the HHS Office for Civil Rights (OCR) and Office of the National Coordinator for Health Information Technology (ONC) released a security risk assessment (SRA) tool designed to help health care providers conduct risk assessments as required by the HIPAA Security Rule. Under the Security Rule, health care providers must perform risk assessments […]

HIPAA Audit Program Returning?

February 26, 2014 By Privacy, Cyber & Data Strategy Team

We previously blogged about the Office for Civil Rights’ (OCR) HIPAA Privacy, Security and Breach Audit Program (HIPAA Audit Program) on November 30, 2011, March 7, 2012, and June 26, 2012. On Monday, OCR published a notice in the Federal Register in which it essentially announces the return of its HIPAA Audit Program. In the notice, […]

OCR Issues New Guidance on the HIPAA Privacy Rule and Sharing of Mental Health Information

February 25, 2014 By Privacy, Cyber & Data Strategy Team

Late last week, the HHS Office for Civil Rights (OCR) published guidance designed to help health care providers understand when, consistent with the HIPAA Privacy Rule, they may share information related to a patient’s mental health with others. As we have previously written, HHS seeks to balance a patient’s privacy rights in mental health records […]

New CMS and OCR Rule Provides Patients with Access to Laboratory Test Results

February 6, 2014 By Privacy, Cyber & Data Strategy Team

Today, the Centers for Medicare & Medicaid Services (CMS), the HHS Office for Civil Rights (OCR) and the Centers for Disease Control and Prevention (CDC) published a final rule in the Federal Register, amending the Clinical Laboratory Improvement Amendments of 1988 (CLIA) regulations and the HIPAA Privacy Rule to provide patients with greater access to their lab […]