Policy & Regulation Archive
By a vote of 51-0, the House Energy and Commerce Committee on Thursday approved the 21st Century Cures Act bill, including health information technology provisions potentially impacting electronic health records interoperability, regulation of software as medical devices, and Medicare reimbursement policies for telemedicine.
Some information security professionals and attorneys advise their clients to conduct social engineering tests on their workforce to see how many will click on a link in an email or website without taking a moment to consider if the link is secure.
The latest major hacking of a healthcare organizations information network, this time affecting CareFirst BlueCross BlueShield and 1.1 million of its members, reminds stakeholders that sophisticated cyber attacks quickly are becoming a game-changing development within the industry.
CareFirst BlueCross BlueShield first learned in May 2014 of malware on an information system that was hacked a month later, according to two health information security consultants. But the Blues plan apparently did not realize the malware was not completely eradicated and the system was hacked a month later.
With cyber criminals actively targeting healthcare, the threats to patient data have never been greater. However, there are some critical strategies healthcare organizations can employ for protecting patient information.
About 2,200 patients treated at multiple emergency departments in the University of Pittsburgh Medical Center delivery system are being notified of a breach of protected health information after an employee of a contractor copied and disclosed billing information.
First it was Anthem, then Premera, and now another major Blues planCareFirst BlueCross BlueShieldhas been hacked and 1.1 million members in Maryland, Virginia and the District of Columbia are affected.
As the House Energy and Commerce Committee prepares to vote tomorrow on the 21st Century Cures Act, Reps. Tim Murphy (R-Penn.) and Paul Tonko (D-N.Y.) hope to address the legal challenges of electronically exchanging behavioral health data.
A whopping 83 percent of healthcare executive respondents to a recent survey believe that the code switchover will happen on October 1, 2015, without further delays.
As part of the 21st Century Cures Acts proposed reform of regulations governing health software, Representatives Marsha Blackburn (R-Tenn.) and Gene Green (D-Tex.) have reintroduced a new version of the Sensible Oversight for Technology which Advances Regulatory Efficiency (SOFTWARE) Act. Whether the version is an improvement is up for debate.
When investigating breaches of protected health information, the HHS Office for Civil Rights has often found that organizations in many ways were not compliant with the HIPAA Security Rule to consistently secure protected health information. In particular, a risk analysis often was not performed or was done but never updated as the vulnerability landscape changed.
The House Energy and Commerce Committee will begin its markup today of the 21st Century Cures Act, with opening statements by committee members late this afternoon and the proceedings continuing tomorrow morning. However, stakeholder opinions about the proposed legislation run the gamut from praise to outright condemnation regarding such hot-button technology issues as health information technology interoperability and telehealth.
The Health Information Technology Policy Committee, which advises federal officials on health IT issues, has added three new members to its ranks.
To help healthcare industry providers recognize and realize the benefits of automation using the healthcare EFT standard and ERA, NACHA worked with provider groups to document savings realized by different sized organizations, from a single doctor micro-practice to one of the largest hospital groups in the U. S.
To address legal and technical complexities of electronically exchanging behavioral health data, the Health IT Policy Committees Privacy and Security Workgroup believes an emerging standard called Data Segmentation for Privacy (DS4P) has value.