 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Tue, 22 Jan 2013 08:44:31 -0800 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
A follow-on to the discussions about Electronic Health/Medical Records last
week...
http://goo.gl/8Y7Dq
In meaningful use stage 2, providers have two security requirements:
Perform a security risk assessment and attest to that and explicitly
address encryption, said Lisa Gallagher, director of privacy and security
for HIMSS.
“Those things are not affected by any changes in HIPAA. The security rule
remains structurally the same. It’s risk-based,” she said.
To protect consumers in an era of growing exchange of health information,
the final rule is by and large what was in the draft rule, including
patient rights to access their own data, but “it’s definitely moving in
that direction,” Gallagher said.
The increased enforcement in the final rule, including audits, increased
penalties and the expansion to business associates to comply like covered
entities, along with the surge in reported data breaches may send a message
to the industry that it’s time to comply.
According to the most recent HIMSS survey, “we did see an uptick in the
number of organization doing a risk assessment,” Gallagher said.
Larry
[log in to unmask]
--
*Lawrence J. Medina
Danville, CA
RIM Professional since 1972*
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]
|
|
|
