CMS and ONC Publish Final Rules for Meaningful Use Stage 2 Security in Federal Register

September 4, 2012.  The Department of Health and Human Services (HHS) entities:  Centers for Medicare & Medicaid Services (CMS) and Office of the National Coordinator for Health Information Technology (ONC), published their Final Rules for Meaningful Use Stage 2 in today’s Federal Register.  This posting focuses on the preamble relating to the following Stage 2 security objective in the CMS Final Rule entitled Medicare and Medicaid Programs; Electronic Health Record Incentive Program:  “Protect electronic health information created or maintained by the Certified EHR Technology [CEHRT] through the implementation of appropriate technical capabilities.”  Reference numbers in brackets refer to the page number(s) in the September 4, 2012,  Federal Register. Associated with this objective…

READ MORE

OCR Announces November 2011 Start of Privacy and Security Compliance Audits

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is responsible for privacy and security enforcement under Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Act provisions. OCR has announced that it is initiating compliance audits beginning this month, as authorized by the HITECH Act.  This action precedes the imminent release of the Final HIPAA/HITECH Act Privacy, Security, Breach Notification, and Enforcement Rules, expected before the end of 2011, and will strengthen enforcement and accountability for compliance with existing and forthcoming Rule modifications.   To avoid the consequences of potential penalties for non-compliance, covered entities and business…

READ MORE