HIPAA risk assessment

THE HIPAA SECURITY RISK ANALYSIS

Margaret Young Levi Electronic Health Records, Eligible Professional Incentives, Federal Law Resources, Health Information Technology, HITECH Law, Hospital EHR Incentives, Meaningful Use, Physician EMR Stimulus , ,

businessman looking over his glasses with clipboard on hand - frUnder the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act), eligible hospitals and critical access hospitals and eligible professionals must make a “meaningful use” of “certified electronic health technology” or face reductions in Medicare reimbursement. Conducting or reviewing a security risk analysis is a core objective in the meaningful use requirements of the Medicare and Medicaid electronic health record (“EHR”) incentive programs. These security risk analyses have been Continue reading

Conducting HIPAA Breach Risk Assessments Using the “LoProCo” Analysis

Margaret Young Levi Federal Law Resources, Health Information Technology, HITECH Law, Privacy & Security , , , , , , , ,

by Margaret Young Levi and Kathie McDonald-McClure

clip_image009The U.S. Department of Health & Human Services Office for Civil Rights (“OCR”) has a new acronym, “LoProCo,” relating to assessing data breaches under HIPAA, as amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 and the HIPAA Omnibus Rule that became effective March 26, 2013.

It is OCR’s position that a breach is Continue reading