This posting is one of several that outline the HITECH privacy provisions of the American Recovery and Reinvestment Act that President Obama signed into law on Tuesday, February 17, 2009, in Denver, CO. Here, we reproduce the definitions that appear in Subtitle D—Privacy, Section 13400. Definitions, that appear in the Conference Report on page H1345 of Congressional Record—House, February 12, 2009. These definitions are critical in understanding the content of the new HITECH privacy provisions and how they relate to existing HIPAA Administrative Simplification Privacy Rule standards. HIPAA Privacy Definitions: BreachBusiness AssociateCovered EntityDisclosureElectronic Health RecordHealth Care Operations Health Care ProviderHealth PlanNational CoordinatorPaymentPersonal Health RecordProtected Health Information SecretarySecurityStateTreatmentUseVendor Of Personal Health…
Month: May 2009
Word of the Day: Evidence-Based Medicine
Evidence-Based Medicine: The conscientious, explicit, and judicious use of current best evidence in making decisions about the care of individual patients. The practice of evidence-based medicine means integrating individual clinical expertise with the best available external clinical evidence from systematic research.
Word of the Day: Digital Signature
Digital Signature: An electronic signature, which serves as a unique identifier for an individual, much like a written signature, in which an algorithm authenticates the integrity of the signed data and the identity of the signatory.
Word of the Day: Health Level 7 (HL7)
Health Level 7 (HL7): One of several American National Standards Institute (ANSI)-accredited standards developing organizations (SDOs) operating in the health care arena. Most SDOs produce standards (sometimes called specifications or protocols) for a particular health care domain such as pharmacy, medical devices, imaging, or insurance (claims processing) transactions. HL7’s domain is clinical and administrative data.
Word of the Day: Digital Signature
Digital Signature: An electronic signature, which serves as a unique identifier for an individual, much like a written signature, in which an algorithm authenticates the integrity of the signed data and the identity of the signatory.
FTC Delays Identity Theft Prevention Red Flags Rule for Second Time
The Federal Trade Commission announced a second delay on Friday, May 1, 2009, for compliance with the identity theft prevention red flags rule. The delay is for three months, with compliance now scheduled for August 1, 2009. Entities affected are creditors and financial institutions. Healthcare providers that extend delayed payment plans to patients are deemed “creditors” under the red flags rule. This delay was to give affected entities more time to develop and implement written identity theft prevention policies and procedures for compliance with the rule, which is based on enabling regulations of provisions in the Fair and Accurate Credit Transactions Act of 2003. You can visit the FTC website…
Word of the Day: Security Incident
Security Incident: The attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system.
Federal Government Declares Public Health Emergency Regarding H1N1 (Swine) Flu
The federal government has declared a public health emergency in the United States concerning H1N1 swine flu. The Centers for Disease Control and Prevention (CDC) provides “information to help health care providers, public health officials and the public address the challenges posed by this emergency. CDC is issuing and updating interim guidance daily in response to the rapidly evolving situation.” HIPAA.com recommends that you visit the CDC site, http://www.cdc.gov/h1n1flu, where you can get additional information and sign up for situation updates via email. Also, CDC posts emergency updates on Twitter at http://twitter.com/cdcemergency.
Red Flags Rules Compliance Countdown: Today
The Federal Trade Commission’s (FTC’s) red flags rules for financial institutions and creditors to fight identity theft require compliance by most healthcare providers today, Friday, May 1, 2009. See this post for more information on how to prepare for today’s deadline.
Get Your Team Prepared for the EHR, Part Four
Technical Assessment Technology management and support helps determine the degree to which your clinic or practice can systematically and proactively manage technology assets. For example, you want to know the IT skill set of your staff, the current state of your organization’s technology infrastructure, your approach to technology planning, the existing technology management structures and technology project management capabilities. The technical assessment looks also at how well management and technology infrastructure can effectively support quality and operational goals. A technical assessment can save thousands of dollars, simply by identifying what you have and what you need. High-level items in the technical assessment or checklist include completion of a security risk…