Now that the fourth quarter has arrived, things are winding down for 2022. This is a good time to reflect on the past year of HIPAA compliance and prepare for 2023. Here is a roundup of HIPAA topics and some actionable tips for compliance.
In early June, Congress released a bipartisan draft bill called the American Data Privacy and Protection Act. The goal of this bill is to create a regulation that organizations in any industry would need to accord with compliance. On the surface, this sounds great, but in reality, it is unrealistic.
Starting on October 6, the definition of electronic health information (EHI) will include “the entire scope of the EHI definition [i.e., ePHI that is or would be in a Designated Record Set (DRS)].”
The 21st Century Cures Act fundamentally changes how patients can interact with their health information — and October 6 is a significant milestone for these changes.
In August, the Office for Civil Rights (OCR) announced a settlement with New England Dermatology P.C., known as New England Dermatology and Laser Center, over the improper disposal of PHI, which is a potential HIPAA Privacy Rule violation.
The Office for Civil Rights (OCR) recently announced version 3.3 of the HHS Security Risk Assessment Tool. According to OCR officials, this tool is designed to aid small and medium-sized healthcare organizations in their efforts to assess security risks.
