Federal officials should offer detailed guidance on how to conduct a "risk of harm" assessment to comply with the HITECH Act Breach Notification Rule, says Harry Rhodes, director of practice leadership at the American Health Information Management Association.
The Office of the National Coordinator for Health IT will soon seek feedback on using certain existing standards for metadata for specific purposes, such as to indicate a patient's privacy preferences, within electronic health records. ONC will then consider the comments before deciding whether to require the use of...
The California Supreme Court has ruled that a key provision of a tough state medical privacy law is not preempted by federal regulations. The evolving case, which eventually could wind up before the U.S. Supreme Court or grow into a class action case at the state level, is worth watching.
The Privacy and Security Tiger Team is recommending that electronic health records software certified for the HITECH Act's EHR incentive program should be able to record corrections from patients or providers as well as transmit those corrections to others.
Adam Greene, the primary author of the proposed accounting of disclosures rule mandated under the HITECH Act, says healthcare organizations preparing to comply should make sure their audit logs are functioning well.