|
ONC Touts its 10 Step Plan for Meeting Meaningful Use Privacy and Security Attestation RequirementsIn a recent Tweet, the Office of the National Coordinator for Health Information Technology (ONC) stated: “Move into the 21st Century and check out the Privacy & Security 10-Step Plan before you implement an Electronic Health Record.” ONC makes the following recommendation to an Eligible Professional (EP) covered entity participating in the Medicare and Medicaid Financial Incentive Program for Adoption and Meaningful Use of Certified Electronic Health Record (EHR) Technology: “An EP must meaningfully use certified EHR technology for an EHR reporting period, and then attest to CMS [the Centers for Medicare & Medicaid Services] that he or she has met meaningful use for that period. Start your 10-step process at least 90 days before you begin the EHR reporting period.” In addition to the new Meaningful Use Audit program as it pertains to attestation, also be aware of the HIPAA Privacy & Security Audit Program conducted under auspices of the Office for Civil Rights (OCR) of the Department of Health and Human Services, which HIPAA.com has discussed in earlier postings. Give yourself at least 90 days to conduct security compliance activities as they pertain to attestation, and even longer to meet HIPAA privacy, security, and breach notification implementation specifications as well. Take the new climate of increased privacy and security enforcement and of the probability of audit of risk analysis, policies and procedures, and workforce training seriously. |
|
|
ONC Issues Meaningful Use Guide for Privacy & Security Attestation ComplianceMay 9, 2012. The Office of the National Coordinator for Health Information Technology (ONC) has issued a Guide to Privacy and Security of Health Information (Version 1.1 022312). This Guide is targeted to medical practitioners who participate in the Medicare and Medicaid Program for Adoption and Meaningful Use of Certified Electronic Health Record Technology. This Guide should not be relied on as an instruction manual for achieving HIPAA Privacy and Security and HITECH Act Breach Notification compliance, but does have useful guidance to public resources for so doing. |
|
|
ONC Publishes Stage 2 EHR Technology Certification Criteria NPRMOn March 7, 2012, the Office of the National Coordinator for Health Information Technology (ONC) of the Department of Health and Human Services (HHS) published in the Federal Register its notice of proposed rule making (NPRM) entitled Health Information Technology: Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record [EHR] Technology, 2014 Edition; Revisions to the Permanent Certification Program for Health Information Technology [pp. 13832-13885]. Comments to HHS may be made until 5 PM on May 7, 2012. The proposed new and revised certification criteria would establish the technical capabilities and specify the related standards and implementation specifications that Certified Electronic Health Record (EHR) Technology would need to include to, at a minimum, support the achievement of meaningful use by eligible professionals [EPs], eligible hospitals, and critical access hospitals [CAHs] under the Medicare and Medicaid EHR Incentive Programs beginning with the EHR reporting periods in fiscal year and calendar year 2014. |
|
|
CMS Publishes Stage 2 Meaningful Use Incentive Program NPRMOn March 7, 2012, the Centers for Medicare & Medicaid Services (CMS) published in the Federal Register its 132-page notice of proposed rule making (NPRM): Medicare and Medicaid Programs; Electronic Health Record Incentive Program–Stage 2. Comments to the Department of Health and Human Services (HHS) may be made until 5 PM on May 7, 2012. The NPRM amends the core security measure to explicitly require addressing encryption of data at rest in the risk analysis. |
|
|
HHS Extends Life of Temporary EHR Technology Certification ProgramThe Office of the National Coordinator for Health Information Technology (ONC) of the Department of Health and Human Services (HHS) published a notice in the Thursday, November 3, 2011, Federal Register that extends the life of the “temporary certification program for health information technology” beyond its expected sunset date of December 31, 2011, to at least summer 2012. |
|
|
Permanent HIT Certification Final Rule Published by ONC in Federal RegisterJanuary 7, 2011. The Department of Health and Human Services (HHS) Office of the National Coordinator for Health Information Technology (ONC) published today in the Federal Register the final rule for Establishment of the Permanent Certification Program for Health Information Technology (HIT). This regulation is effective on February 7, 2011. The temporary certification program final rule, published on June 24, 2010 in the Federal Register, will continue in effect until it sunsets on December 31, 2011, or at a later date when permanent certification program operational processes are completed. |
|
|
EHR Incentive and Certification Criteria Final Rules Published in Federal RegisterThe EHR Incentive and Certification final rules were published in the Federal Register this morning, July 28, 2010. HIPAA.com provides the title, summary, effective date, and URL for each. |
|
|
OMB Completes Review of Final Rules for EHR Incentive Program and for Initial Certification CriteriaOn Friday, July 9, 2010, the Office of Management and Budget (OMB) completed review of the two Final Rules: Health Information Technology: Initial Set of Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record (RIN: 0991-AB58) and Electronic Health Record (EHR) Incentive Program (RIN: 0938-AP78). These rules are on a fast track and are expected to be available for prepublication inspection at the Federal Register imminently. |
Syndicate this site
Sign up for email updates
Follow HIPAA.com on Twitter