Header graphic for print
HIPAA, HITECH & HIT Legal Issues, Developments and Other Pertinent Information Relating To The Creation, Use and Exchange of Electronic Health Records

Tag Archives: NIST

Emailing PHI? NIST Seeks Comments on Trustworthy Email by November 30, 2015

Posted in Health IT, HIPAA Enforcement, Privacy & Security, Uncategorized

When and how should you email PHI, if at all?  The Office for Civil Rights (OCR) offers guidance as to the permissibility of sending PHI via email in this “Frequently Asked Question” answer, but doesn’t provide specifics as to how PHI can be safely emailed.  Whether you are a covered entity or a business associate… Continue Reading

5 Practical Steps for Business Associate Compliance

Posted in HIPAA Business Associates

Congratulations!  You have a HIPAA-compliant business associate (or subcontractor) agreement in place – now what? How can you implement the agreement without becoming a HIPAA guru? There are many resources available that offer detailed guidance on risk analysis and implementation protocols (such as the Guide to Privacy and Security of Electronic Health Information published by… Continue Reading

How the NIST Cybersecurity Framework Can Help With HIPAA Compliance: 3 Tips

Posted in Privacy & Security

As our partner Mark McCreary writes in his post describing the “Framework for Improving Critical Infrastructure Cybersecurity” published by the National Institute of Standards and Technology (NIST): The Framework is designed to work with businesses to reach a sufficient level of cybersecurity protection regardless of size, sector, or level of security.  The Framework consists of… Continue Reading

OIG EHR Questionnaire Focuses on Fraud Safeguards

Posted in Meaningful Use

The OIG is conducting a survey of hospitals who have certified the meaningful use of Electronic Health Record (EHR) Technology, with an emphasis on safeguards that protect the EHR systems from fraudulent access or alteration. A generous hospital compliance officer who has asked to remain nameless has provided me with a copy of the survey… Continue Reading

Fox Rothschild to Participate at NIST and CMS Security Rule Conference

Posted in Speaking Engagements & Conferences

As HITECH refocuses the health care industry’s attention on security, the role of National Institute of Standards and Technology (“NIST”) in developing standards for health information security will become more center stage.   On May 18, 2009, Fox Rothschild LLP will present at the NIST and CMS Security Rule Conference in Gaithersburg, Maryland called: “Safeguarding Health Information:… Continue Reading