Archive for ONC
The Office of the National Coordinator (ONC) released the revised “Guide to Privacy and Security of Electronic Health Information” April 13 to help organizations integrate federal health information privacy and security requirements.
The guide is geared toward HIPAA covered entities and Medicare eligible professionals from smaller organizations. The updated version features information about compliance with the privacy and security requirements of CMS’ Electronic Health Record (EHR) Incentive Programs as well as compliance with HIPAA Privacy, Security, and Breach Notification Rules.
The guide covers such topics as:
- Increasing patient trust through privacy and security
- Provider responsibilities under HIPAA
- Health information rights of patients
- Security patient information in EHRs
- Meaningful Use core objectives that address privacy and security
- A seven-step approach for implementing a security management process
- Breach notification and HIPAA enforcement
The Office of the National Coordinator (ONC) recently released guides to help organizations assess and understand patient-generated health data (PGHD). PGHD includes health history, treatment history, biometric data, symptoms, and lifestyle choices. Although this information is important, organizations must manage it appropriately for it to advance patient care, according to the ONC.
ONC released a guide for assessing PGHD to help organizations understand the benefit of this data and appropriately leverage it to measure patient experiences. It also released a general guide about the definition and importance of PGHD.
The HHS Office of the National Coordinator for Health Information Technology (ONC) and Office for Civil Rights (OCR) recently released a security risk assessment (SRA) tool for small- to medium-size practices.
The HIPAA Security Rule requires covered entities to conduct risk assessments to ensure compliance with its administrative, physical, and technical safeguard provisions. The SRA tool can help practices assess their security practices and it creates a report that can be given to auditors, according to an HHS press release.