Notification of Enforcement Discretion for telehealth remote communications during the COVID-19 nationwide public health emergency

Notification of Enforcement Discretion for telehealth remote communications during the COVID-19 nationwide public health emergency

This is a major announcement and one that I did not see coming from this administration. This should be done years ago, especially with most of the major players in this space HIPAA compliant already.

IMHO

We are empowering medical providers to serve patients wherever they are during this national public health emergency. We are especially concerned about reaching those most at risk, including older persons and persons with disabilities. – Roger Severino, OCR Director.

The Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS) is responsible for enforcing certain regulations issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act, to protect the privacy and security of protected health information, namely the HIPAA Privacy, Security and Breach Notification Rules (the HIPAA Rules).

During the COVID-19 national emergency, which also constitutes a nationwide public health emergency, covered health care providers subject to the HIPAA Rules may seek to communicate with patients, and provide telehealth services, through remote communications technologies. Some of these technologies, and the manner in which they are used by HIPAA covered health care providers, may not fully comply with the requirements of the HIPAA Rules.

OCR will exercise its enforcement discretion and will not impose penalties for noncompliance with the regulatory requirements under the HIPAA Rules against covered health care providers in connection with the good faith provision of telehealth during the COVID-19 nationwide public health emergency. This notification is effective immediately…

The rest of the post is Sourced: Notification of Enforcement Discretion for telehealth

Cloudticity Brings HIPAA Compliance to Amazon Cloud-Native Workloads | The New Stack

Cloudticity Brings HIPAA Compliance to Amazon Cloud-Native Workloads | The New Stack

The move to the cloud is one that started more than a decade ago for some companies and has yet to happen for some others. The reasons for the lag are varied, but for some governmental regulations, such as the Health Insurance Portability and Accountability Act (HIPAA), which regulates data privacy concerns for companies in the healthcare sector, are also to blame for the delay. With requirements around data retention and encryption, it can be easier to stay with what you know rather than make the move to the latest technology…

Source: Cloudticity Brings HIPAA Compliance to Amazon Cloud-Native Workloads

New white paper highlights how Microsoft Teams helps healthcare providers with HIPAA compliance

New white paper highlights how Microsoft Teams helps healthcare providers with HIPAA compliance

A new white paper commissioned by Microsoft from HIPAA One assesses how current Microsoft security controls can help Microsoft Teams customers with HIPAA compliance.

Source: New white paper highlights how Microsoft Teams helps healthcare providers with HIPAA compliance

Microsoft Teams, like the rest of Office 365 is HIPAA compliant by default. The service that is targeted by Microsoft’s version, Slack,  is not in its default configuration. This is not to put down Slack’s effectiveness in the marketplace, but the healthcare industry is a major user of the Microsoft system of business software and integration. This choice is not an option with collaboration and communications in the Personal Health Information space.

Now HIPAA-Compatible, Amazon’s Alexa Opens Up to mHealth Uses

Alexa, please make my health records available RIGHT NOW! One of the best parts of this trial is my primary healthcare system is also participating.

Amazon has invited six healthcare providers to develop mHealth platform for Alexa, now that the company’s smart speaker is HIPAA-compliant.

Along with Boston Children’s and Livongo, others involved in the program are Cigna, Express Scripts, Providence St. Joseph Health’s Swedish Health Connect and Atrium Health.

 

Source: Now HIPAA-Compatible, Amazon’s Alexa Opens Up to mHealth Uses

Anthem to Pay Record $16M for HIPAA Violations Exposing 79M Records

Anthem to Pay Record $16M for HIPAA Violations Exposing 79M Records

One would think these companies would learn from other and past mistakes, but they don’t. And wonder why the healthcare business is so flawed. Anthem is not my BCBS provider, so it shouldn’t affect me personally, but if it were BCBS of North Carolina, I would be pissed.

via Anthem to Pay Record $16M for HIPAA Violations Exposing 79M Records

Making HIPAA and HITRUST compliance easier | Blog | Microsoft Azure

 

Azure Blog from Microsoft

 

Many healthcare organizations are starting to adopt artificial intelligence (AI) systems to gain deeper insight into operations, patient care, diagnostic imaging, cost savings and so on…

This blog used to cover HIPAA and related topics much more closely than is current, however, the intersection of cloud access and keeping medical data safe and legal is a topic virtually all healthtech developers must practice daily.

Source: Making HIPAA and HITRUST compliance easier

Oklahoma Government in Row Over Alleged HIPAA Violation

Oklahoma Government in Row Over Alleged HIPAA Violation

 

Thinkstock via HealthITSecurity.com

 

As I read this article while attempting to keep up with interesting HIPAA articles, I did some quick research on Wikipedia, Bing search engines, and the Federal agency that covers this topic. I couldn’t find any reference to caching and storage, which is central to attaining the truth on which political position is correct on the subject. Long story short, a planned maintenance Internet outage occurred; some staffers used their smartphones loaded with an app to access Personal Health Information; no agreement on the correctness of this action bordering on partisanship.

I believed that it is the job of journalists and editors to gather facts on the subject in question and present them in the article, or at least the updated version online after a printed story. Disclaimer, I did not go to journalism school at Auburn University.

Two branches of Oklahoma’s government are embroiled in a controversy over whether the Oklahoma Department of Veterans Affairs committed a HIPAA violation.

Source: Oklahoma Government in Row Over Alleged HIPAA Violation