|
FTC Delays “Red Flags” Rule for Third TimeThe Federal Trade Commission announced a third delay for compliance, from August 1, 2009, to November 1, 2009, for compliance with the identity theft prevention red flags rule. The delay is for another three months. Entities affected are creditors and financial institutions. Healthcare providers that extend delayed payment plans to patients are deemed “creditors” under the red flags rule. |
|
|
Transmission Security Encryption: What to Do and How to Do ItIn our series on the HIPAA Administrative Simplification Security Rule, this is the second of two implementation specifications for the Technical Safeguard Standard, Transmission Security. This implementation specification is addressable. Addressable does not mean “optional.” Rather, an addressable implementation specification means that a covered entity must use reasonable and appropriate measures to meet the standard. As we noted in earlier postings on HIPAA.com, business associates of covered entities will be required to comply with the Security Rule safeguard standards, beginning February 17, 2010. This requirement is one of the HITECH Act provisions of the American Recovery and Reinvestment Act (ARRA), signed by President Obama on February 17, 2009. |
|
|
Transmission Security Integrity Controls: What to Do and How to Do ItIn our series on the HIPAA Administrative Simplification Security Rule, this is the first implementation specification for the Technical Safeguard Standard, Transmission Security. This implementation specification is addressable. Addressable does not mean “optional.” Rather, an addressable implementation specification means that a covered entity must use reasonable and appropriate measures to meet the standard. As we noted in earlier postings on HIPAA.com, business associates of covered entities will be required to comply with the Security Rule safeguard standards, beginning February 17, 2010. This requirement is one of the HITECH Act provisions of the American Recovery and Reinvestment Act (ARRA), signed by President Obama on February 17, 2009. |
|
|
Transmission Security: What This HIPAA Security Rule Technical Safeguard Standard MeansThis is the fifth and last Technical Safeguard Standard of the HIPAA Administrative Simplification Security Rule. It has two implementation specifications: integrity controls; and encryption. Each is addressable. Addressable does not mean “optional.” Rather, an addressable implementation specification means that a covered entity must use reasonable and appropriate measures to meet the standard. As we have noted in earlier postings on HIPAA.com, business associates of covered entities will be required to comply with the Security Rule safeguard standards, beginning February 17, 2010. This requirement is one of the HITECH Act provisions of the American Recovery and Reinvestment Act (ARRA), signed by President Obama on February 17, 2009. |
|
|
Person or Entity Authentication: What to Do and How to Do ItIn our series on the HIPAA Administrative Simplification Security Rule, this is the fourth Technical Safeguard Standard. There is not a separately described implementation specification. Rather, this standard’s implementation specification is connoted in the language of the standard and is required. As we have noted in earlier postings on HIPAA.com, business associates of covered entities will be required to comply with the Security Rule safeguard standards, beginning February 17, 2010. This requirement is one of the HITECH Act provisions of the American Recovery and Reinvestment Act (ARRA), signed by President Obama on February 17, 2009. |
|
|
Person or Entity Authentication: What This HIPAA Security Rule Technical Safeguard Standard MeansThis is the fourth Technical Safeguard Standard of the HIPAA Administrative Simplification Security Rule. There is not a separately described implementation specification. Rather, this standard’s implementation specification is connoted in the language of the standard and is required. As we have noted in earlier postings on HIPAA.com, business associates of covered entities will be required to comply with the Security Rule safeguard standards, beginning February 17, 2010. This requirement is one of the HITECH Act provisions of the American Recovery and Reinvestment Act (ARRA), signed by President Obama on February 17, 2009. |
|
|
Privacy and Security in Disasters or EmergenciesFamilies searching for loved ones in a presidential-declared disaster, whether a hurricane, tornado, earthquake or unnatural disasters, should not have to also overcome HIPAA privacy roadblocks. As our nation winds down mid-western tornado season and steps up Hurricane season, review the guidance issued by DHHS after hundreds of thousand of Hurricane Katrina and Rita displaced citizens tried to locate loved ones. |
|
|
Accountability Key Privacy/Security Principle of Meaningful Use 2011 ObjectivesIn this series of postings, we reproduce—one at a time—Level 1 and Level 2 descriptions of the eight principles. A Level 1 (L1) description is a “short title and concise statement,” and a Level 2 (L2) description is a “short explanation that further elaborates on the principle, what it is designed to do, and its parameters.” |
Syndicate this site
Sign up for email updates
Follow HIPAA.com on Twitter
