HIPAA.com

Exploring HIPAA and HITECH Act Definitions: Part 8

From now through November, HIPAA.com is providing a run through of HIPAA transaction & code set, privacy, and security definitions, along with relevant HITECH Act definitions pertaining to breach notification, securing of protected health information, and electronic health record (EHR) standards development and adoption. These definitions are key to understanding the referenced HIPAA and HITECH Act enabling regulations that are effective now and that will require compliance by covered entities and business associates now or in the months ahead, as indicated in HIPAA.com’s timeline. Each posting will contain three definitions, with a date reference to the Federal Register, Code of Federal Regulations (CFR), or statute, as appropriate. Exploring HIPAA and HITECH…

Ed JonesAmerican Recovery and Reinvestment Act, Health IT and HITECHAmerican Recovery and Reinvestment Act, Breach Notification, business associate, Code of Federal Regulations, compliance, covered entity, definition, effective, EHR, electronic health record, enabling regulations, February 17, Federal Register, health care clearinghouse, health information technology, HIPAA, HIT Policy Committee, HIT Standards Committee, HITECH Act, Individually Identifiable Health Information, Office of the National Coordinator for Health Information Technology, ONCHIT, Privacy, securing of protected health information, Security, Standards, statute, timeline, transaction & code setLeave a comment

Exploring HIPAA and HITECH Act Definitions: Part 7

Ed JonesAmerican Recovery and Reinvestment Act, Health IT and HITECHAmerican Recovery and Reinvestment Act, Breach Notification, business associate, Code of Federal Regulations, compliance, covered entity, definition, effective, EHR, electronic health record, enabling regulations, February 17, Federal Register, hardware, health care clearinghouse, health information, health information technology, health plan, HIPAA, HITECH Act, intellectual property, Medicaid, Medicare, Office of the National Coordinator for Health Information Technology, ONCHIT, Privacy, securing of protected health information, Security, software, Standards, statute, timeline, transaction & code setLeave a comment

HITECH and HIPAA Training: Time to Double Down

As the healthcare industry continues to digest profound HITECH changes to HIPAA Privacy and Security rules, two observations already are apparent and indisputable for covered entities and their business associates. First, time and resources spent on a workforce that is well-trained on the Privacy and Security rules will be an investment of exponential value. Second, enforcement of those same rules will make negligent and uncorrected errors very costly. A well-trained workforce makes fewer mistakes, and identifies and fixes those that it makes. A workforce that violates the rules because it does not know them or does not care to know them makes an inviting target for HITECH’s new enforcement initiatives….

HIPAA.com StaffAmerican Recovery and Reinvestment Act, Health IT and HITECH, HIPAA Law, Privacy, SecurityBreach Notification, business associates, civil penalties, compliance audits, corrective action, covered entities, Enforcement, HIPAA PRIVACY RULE, HIPAA Security Rule, HITECH Act, HITECH enforcement, medical record, minimum necessary, PHI, Privacy Rule violations, protected health information, re-training, regulation, Secretary of HHS, state attorneys general, third party payer, thirty-day corrective action grace period, Training, unsecured breach, whistleblower, willful neglect, workforceLeave a comment

Exploring HIPAA and HITECH Act Definitions: Part 6

From now through November, HIPAA.com is providing a run through of HIPAA transaction & code set, privacy, and security definitions, along with relevant HITECH Act definitions pertaining to breach notification, securing of protected health information, and electronic health record (EHR) standards development and adoption. These definitions are key to understanding the referenced HIPAA and HITECH Act enabling regulations that are effective now and that will required compliance by covered entities and business associates now or in the months ahead, as indicated in HIPAA.com’s timeline. Each posting will contain three definitions, with a date reference to the Federal Register, Code of Federal Regulations (CFR), or statute, as appropriate. Exploring HIPAA and…

Ed JonesAmerican Recovery and Reinvestment Act, Health IT and HITECHAmerican Recovery and Reinvestment Act, Breach Notification, business associate, Certified EHR Technology, Code of Federal Regulations, compliance, covered entity, definition, effective, EHR, Electronic Exchange, electronic health record, enabling regulations, enterprise integration, February 17, Federal Register, government, health care infrastructure, Health Care Provider, health information technology, health plan, HHS, HIPAA, HITECH Act, inpatient hospital, Office of the National Coordinator for Health Information Technology, ONCHIT, physician, Privacy, protocols, Secretary, securing of protected health information, Security, Social Security Act, Standards, statute, timeline, transaction & code setLeave a comment

House Passes Health Care Reform Bill: H.R. 3962, as Amended

On Saturday night, November 7, 2009, the U.S. House of Representatives passed H.R. 3962, the Affordable Health Care for America Act. The vote was 220 in favor, 215 against. The roll call for the vote is available online at the US House Office of the Clerk website. H.R. 3962 as introduced in the House on October 29, 2009, following Committee action, available here. A chronology of all Congressional actions on this bill is available here. Finally, various sources of information pertaining to HR 3962, including Committee reports, are available here. Action now moves to the Senate on Health Care Reform, which may be later this year or early in 2010….

Ed JonesHealth Care ReformAffordable Health Care for America Act, healt care reform, HR 3962, US House of Representatives, US SenateLeave a comment

Exploring HIPAA and HITECH Act Definitions: Part 5

From now through November, HIPAA.com is providing a run through of HIPAA transaction & code set, privacy, and security definitions, along with relevant HITECH Act definitions pertaining to breach notification and securing of protected health information. These definitions are key to understanding the referenced HIPAA and HITECH Act enabling regulations that are effective now and that will require compliance by covered entities and business associates now or in the months ahead, as indicated in HIPAA.com’s timeline. Each posting will contain three definitions, with a date reference to the Federal Register and citation to the Code of Federal Regulations (CFR). We begin the first series of postings with definitions from “Health Insurance…

Ed Jones5010Administrative Requirements, Breach Notification, business associates, CFR, Code of Federal Regulations, compliance, covered entities, definition, effective, enabling regulations, Federal Register, Health Insurance Reform, HIPAA, HITECH Act, maximum defined data set, Privacy, securing of protected health information, Security, segment, standard transaction, timeline, transaction & code setLeave a comment

HHS Strengthens HIPAA Enforcement

On Friday, October 30, 2009, HHS published in the Federal Register its Interim Final Rule that strengthens HIPAA enforcement under HITECH Act civil penalty revisions enacted as part of the American Recovery and Reinvestment Act on February 17, 2009. “These HITECH Act revisions significantly increase the penalty amounts the Secretary [of HHS] may impose for violations of the HIPAA rules and encourage prompt corrective action,” according to the HHS press release. The Interim Final Rule is effective as federal policy on November 30, 2009, and HHS requests comments by December 29, 2009. With the definition of ‘breach’ in the HITECH Act moving privacy and security violations under one requirement requiring…

Ed JonesEnforcementAmerican Recovery and Reinvestment Act, April 2003, breach, Breach Notification, business associate, Centers for Medicare & Medicaid Services, civil penalty, CMS, covered entity, December 29, February 17, Federal Register, Georgina Verdugo, health plans, healthcare providers, HHS, HHS Secretary, HIPAA enforcement, HIPAA PRIVACY RULE, HIPAA rules, HIPAA Security Rule, HITECH Act, Interim Final Rule, OCR, OCR Director, Office of Civil Rights, protected health information, reasonable cause, safeguard, unsecured PHI, willful neglectLeave a comment

Exploring HIPAA and HITECH Act Definitions: Part 4

From now through November, HIPAA.com is providing a run through of HIPAA transaction & code set, privacy, and security definitions, along with relevant HITECH Act definitions pertaining to breach notification and securing of protected health information. These definitions are key to understanding the referenced HIPAA and HITECH Act enabling regulations that are effective now and that will require compliance by covered entities and business associates now or in the months ahead, as indicated in HIPAA.com’s timeline. Each posting will contain three definitions, with a date reference to the Federal Register and citation to the Code of Federal Regulations (CFR). We begin the first series of postings with definitions from “Health…

Ed Jones5010Administrative Requirements, Breach Notification, business associates, CFR, Code of Federal Regulations, Common Procedure Coding System, compliance, covered entities, definition, effective, enabling regulations, Federal Register, format, HCPSS, Health Insurance Reform, HIPAA, HITECH Act, maintain, maintenance, Privacy, securing of protected health information, Security, timeline, transaction & code setLeave a comment

How Data Validation Will Make Your Life Easier

As a clinician, you want to know if data being entered into the system is accurate, clean, correct and useful. Data validation often called “validation rules” or “check routines” are built into systems such as EHR systems. These rules check for correctness, meaningfulness, and security of data. For example, the system would automatically disallow or question a user trying to enter eligibility results into the patient’s address field. Validation rules may be automated because the software company uses a data dictionary, or data may be checked by an explicit application program validation logic. To participate in quality reporting, such as meaningful use, PQRI or ePrescribing reimbursement incentive programs, you want…

Carolyn HartleyHealth IT and HITECH, Meaningful Use, SecurityEHR Implementation, Quality ReportingLeave a comment

Exploring HIPAA and HITECH Act Definitions: Part 3

From now through November, HIPAA.com is providing a run through of HIPAA transaction & code set, privacy, and security definitions, along with relevant HITECH Act definitions pertaining to breach notification and securing of protected health information. These definitions are key to understanding the referenced HIPAA and HITECH Act enabling regulations that are effective now and that will require compliance by covered entities and business associates now or in the months ahead, as indicated in HIPAA.com’s timeline. Each posting will contain three definitions, with a date reference to the Federal Register and citation to the Code of Federal Regulations (CFR). We begin the first series of postings with definitions from “Health…

Ed Jones5010Administrative Requirements, Breach Notification, business associates, CFR, Code of Federal Regulations, compliance, covered entities, definition, descriptor, designated standard maintenance organization, direct data entry, DSMO, effective, enabling regulations, Federal Register, Health Insurance Reform, HIPAA, HITECH Act, Privacy, securing of protected health information, Security, timeline, transaction & code setLeave a comment