In August, the Office for Civil Rights (OCR) announced a settlement with New England Dermatology P.C., known as New England Dermatology and Laser Center, over the improper disposal of PHI, which is a potential HIPAA Privacy Rule violation.
Starting on October 6, the definition of electronic health information (EHI) will include “the entire scope of the EHI definition [i.e., ePHI that is or would be in a Designated Record Set (DRS)].”
The 21st Century Cures Act fundamentally changes how patients can interact with their health information — and October 6 is a significant milestone for these changes.
The Office for Civil Rights (OCR) recently announced version 3.3 of the HHS Security Risk Assessment Tool. According to OCR officials, this tool is designed to aid small and medium-sized healthcare organizations in their efforts to assess security risks.
