"Privacy and Security" Posts

Portrait of Lucia Savage, J.D.

HIPAA Supports Electronic Exchange of Health Information at the Federal, State, and Local Level

Lucia Savage, J.D. | January 11, 2017

Important work to ensure the health system is functioning properly is conducted by a wide variety of entities at the federal, state, and local level. These agencies may license health care professionals or health insurance companies, administer a state Medicaid program, monitor compliance and efficacy of health care programs, and even ensure individual civil rights related to how organizations use patients’ health information. This important work sometimes requires that the oversight agency receive health information about individuals,

Read Full Post.
Portrait of Lucia Savage, J.D.

A Road Map for States: Addressing Privacy and Policy Barriers to the Availability and Flow of Electronic Health Information

Lucia Savage, J.D. | December 9, 2016

Data show that individuals expect to be able to access their health information, making it readily accessible and securely shared among their health care providers to support effective clinical decision-making. And here at the Office of the National Coordinator for Health Information Technology (ONC), we are committed to providing the electronic health information infrastructure to support the nation’s transition to a health system that rewards quality over quantity to achieve better care,

Read Full Post.
Portrait of Lucia Savage, J.D.

How HIPAA Supports Public Health through the Sharing of Electronic Health Information

Lucia Savage, J.D. | December 8, 2016

Electronic health records provide structured clinical data that help public health workers track, mitigate, and eliminate disease. They also offer us the opportunity to improve health across the country and address public health crises such as Zika, Ebola, lead poisoning, and natural disasters.

Read Full Post.
Portrait of Lucia Savage, J.D.

New Resources to Help Providers Maintain Access to Protected Health Information

Lucia Savage, J.D. | November 1, 2016

As electronic health record (EHR) adoption becomes widespread, and providers increasingly embrace the patient engagement opportunities of digital health, EHR customers look to EHR vendors to ensure that health information is available where and when it is needed. And yet we know from our experience that many providers continue to face challenges when they seek access to protected health information (PHI)—challenges that could impact patient care and safety. That’s why we are highlighting two recent resources that improve the awareness of EHR vendors’ obligations to make health information available to their health care provider customers.

Read Full Post.
Portrait of Ebony Brice

Revised HIPAA Security Risk Assessment Tool Now Available

Ebony Brice | October 13, 2016

As we mark National Cyber Security Awareness Month, the Office of the National Coordinator for Health Information Technology (ONC) and the HHS Office for Civil Rights (OCR) have jointly launched an updated HIPAA Security Risk Assessment (SRA) Tool. The tool’s new features make it even more useful in assisting small and medium-sized health care practices and business associates in complying with the Health Insurance Portability and Accountability Act (HIPAA) Security Rule.

Read Full Post.