The soon-to-be-launched HIPAA compliance audit program likely will initially offer comprehensive assessments of compliance with the HIPAA privacy and security rules, rather than focusing on specific narrower issues, says Susan McAndrew of the HHS Office for Civil Rights.
"The lack of individual accountability over user accounts provides ample opportunities to conceal malicious activity such as theft or misuse of veteran data," VA Assistant Inspector General Belinda Finn says.
Dan Rode of the American Health Information Management Association describes why the group wants to see major revisions in a proposed federal rule requiring hospitals, clinics and others to give patients access reports listing everyone who's viewed their records.
Two electronic health records pioneers that already have earned federal EHR incentive payments stress that a robust risk management program should be an essential component of any movement from paper to electronic records.
Associations representing clinic administrators, healthcare CIOs and health information managers are asking federal regulators to go back to the drawing board on the access report provision of a proposed Accounting of Disclosures rule.
There was good news and bad news in the reporting of major health information breaches in the past month. The good news: Only four incidents were added to the official federal tally. The bad news: One of those incidents affected 400,000 individuals.
The Privacy and Security Tiger Team is spelling out best practices for giving patients clear and simple guidance regarding how to safeguard electronic health records when downloading them from a hospital or a clinic.
HealthcareInfoSecurity has launched its inaugural Healthcare Information Security Today survey gauging top trends, threats and priorities for hospitals, clinics, health plans and integrated delivery systems.