Compliance Updates

The Evolution of Risk to PHI and Patient Safety

In the 70s and 80s, healthcare organizations started to migrate their patient management information from hardcopy to electronic, either on shared mainframes such as SMS and McAuto or on microprocessors. The user workstations had no intelligence and were known as “dumb terminals.” There were limited locations of electronic identifiable health information. There was no motivation to sell identifiable health information.

Read more...

Information Blocking and the Future of Patient Care: Breaking Down the 8 Exceptions

President and CEO Gerry Blass sat down with Journal of AHIMA senior editor Mary Butler on a recent episode of the Hi Pitch Podcast to talk about the 21st Century Cures Act Information Blocking Final Rule and the eight information blocking exceptions. Blass was joined by attorney Helen Oscislawski, who spoke to the challenges her clients have faced as they prepare to comply with the rule, which goes into effect on April 5th.

Read more...

Breaking Down HICP: Setting the Stage for a Safer World Online

President and CEO Gerry Blass sat down with HIMSS TV host Bill Siwicki on a recent episode of Digital Checkup. This video series features interviews with Bill and healthcare leaders and CEOs that spans a range of topics from leadership, patient access, interoperability, telehealth and more. On this specific episode, Bill asked Gerry about the new Health Information Cybersecurity Practices (HICP) Final Rule and what it means for leaders who are working to strength their organization’s cybersecurity.

Read more...

Is Meaningful Use Still Meaningful?

Originally designed as part of HITECH to encourage providers to adopt electronic health records (EHRs), meaningful use was a means to an end – towards improved population health and better patient care among fragmented providers. The program prioritized five pillars of health outcomes:

Read more...

GDPR Impact on U.S. Healthcare Organizations

The General Data Protection Regulation (GDPR) is the European Union (EU) regulation on privacy and security of personally identifiable information (PII). It goes into effect on May 25, 2018. This blog provides an important comparison between GDPR and HIPAA.

Read more...

Office of Civil Rights Phase 2 HIPAA Audit Protocols

Based on prior statements from the OCR and their recently distributed survey, the pool of audit candidates will be approximately 800 to start. These randomly selected organizations will be chosen using the National Provider Identifier database and other external sources.

Read more...