Guidance from the Office for Civil Rights on your right to access your health records
From the HHS Office for Civil Rights website: Ask your doctor. You have the right to see and get copies of your health information - PDF. In most cases, you can get a copy the way you want it, such as by e-mail. While your doctor normally has up to 30 days to provide you a copy of your information, your doctor often can provide the information much sooner than that. If your doctor offers a web portal, you may be able to easily view and download your health information whenever you want.
Official guidance from the Office for Civil Rights
As Hurricane Florence makes landfall, the HHS Office for Civil Rights (OCR) and its federal partners remain in close coordination to help ensure that emergency officials effectively address the needs of at-risk populations as part of disaster response. If you believe that a person or organization covered by the Privacy and Security Rules (a "covered entity") violated your health information privacy rights or otherwise violated the Privacy or Security Rules, you may file a complaint with OCR. For additional information about how to file a complaint, visit OCR's web page on filing complaints at http://www.hhs.gov/ocr/privacy/hipaa/complaints/index.html.
Journal of the American Medical Association with an updated article from the BMJ
In the article titled, "Can Patients Make Recordings of Medical Encounters?" from the JAMA Network authors Elwyn, Barr, and Castaldo discuss some of the broader legalities of making a recording while visiting your doctor.
Making a recording that you can add to your personal health record can be a great way of maintaining documentation and accountability for your care, as well as assist you and your family in remembering instructions given to you by your care provider.
Understanding the legalities can help ensure this is a positive experience for both you and your doctor and will allow you to make recordings that are admissible in court if needed.
An Office of the National Coordinator published web guide
This newly published web guide from ONC titled, "The Guide to Getting & Using Your Health Records: The steps, tips, and tools you’ll need to get, check, and use your health record" helps to instruct consumers on how to get their health record from healthcare providers, their rights to those records, and some specific ways in which to get a hold of that information.
An article from Health IT Buzz
Have you ever wondered what a health information technology (health IT) developer’s share of meaningful use eligible hospitals looked like compared to its peers? How about the same for eligible clinicians under the Quality Payment Program (QPP)? Well, look no further. Today, the Office of the National Coordinator for Health Information Technology (ONC) published two […]
The post Visualized: Mashing up 2015 Edition Certification and Progress Attestation Requirements appeared first on Health IT Buzz.
I woke up to a flood of news about ransomware today. By virtue of being down here in Australia, a lot happens in business hours around the world while we're sleeping but conversely, that's given me some time to collate information whilst everyone else is taking a break. The WannaCry incident is both new and scary in some ways and more of the same old stuff in others. Here's what I know and what the masses out there need to understand about this and indeed about ransomware in general.
Guidance from the U.S. Department of Human Services
From the HHS Ransomware Fact Sheet:
A recent U.S. Government interagency report indicates that, on average, there have been 4,000 daily ransomware attacks since early 2016 (a 300% increase over the 1,000 daily ransomware attacks reported in 2015).1 Ransomware exploits human and technical weaknesses to gain access to an organization’s technical infrastructure in order to deny the organization access to its own data by encrypting that data.
But were afraid to ask...
From the Troy Hunt article:
"The indictment also suggest that the hackers, in most cases, did not employ particularly sophisticated methods to gain initial entry into the corporate networks. The papers show that in most cases, the breach was made via SQL injection flaws -- a threat that has been thoroughly documented and understood for well over than a decade."
A Health Resources & Services Administration YouTube video
HRSA’s mission is to improve health and achieve health equity through access to quality services, a skilled health workforce, and innovative programs. This video provides an overview of how to utilize the Data by Geography tool that helps outline HRSA’s investments nationwide or by a geographic area, including: HHS region, state, county, congressional district, and ZIP Code.
A resource from the US Office for Civil Rights
From the OCR website:
We are experiencing an explosion of technology using data about the health of individuals in innovative ways to improve health outcomes. Building privacy and security protections into technology products enhances their value by providing some assurance to users that the information is safe and secure and will be used and disclosed only as approved or expected. Such protections are sometimes required by federal and state laws, including the HIPAA Privacy, Security and Breach Notification Rules.
Health app rankings by clinicians, researchers, & patients
From the Ranked Health website:
RANKED Health is a project run by the Hacking Medicine Institute (HMi), a non-profit organization spun out of MIT’s Hacking Medicine program. This project is designed to review and rank healthcare focused applications, providing independent, unbiased and accurate information to accelerate patient and provider adoption of clinically proven and high-quality digital health solutions. In addition to identifying best-in-class healthcare applications for better health monitoring and disease management, RANKED Health also helps uncover unsafe and ineffective apps on the market.
Find out which federal laws you need to follow
From the Federal Trade Commission website:
Does your mobile app collect, create, or share consumer information? Does it diagnose or treat a disease or health condition? Then this tool will help you figure out which – and it may be more than one – federal laws apply. It’s not meant to be legal advice about all of your compliance obligations, but it will give you a snapshot of a few important laws and regulations from three federal agencies.
Sample Business Associate Agreement Provisions provided by the Office of Civil Rights
From the OCR website:
A “business associate” is a person or entity, other than a member of the workforce of a covered entity, who performs functions or activities on behalf of, or provides certain services to, a covered entity that involve access by the business associate to protected health information. A “business associate” also is a subcontractor that creates, receives, maintains, or transmits protected health information on behalf of another business associate.
National Quality Forum HIT Safety Report
From the NQF website:
"In order to address the rapidly-evolving area of HIT and its intersection with quality and outcomes, NQF initiated a project to develop a set of recommendations around the measurement of HIT-related safety issues."
The fiscal impact of data breach
I get a lot of people popping up with data breaches for Have I been pwned (HIBP). There’s an interesting story in that itself actually, one I must get around to writing in the future as folks come from all sorts of different backgrounds and offer up data they’ve come across in various locations. Recently someone sent me a list of various data breaches they’d obtained.
Important changes to how Medicare pays those who give care to Medicare beneficiaries
From the CMS YouTube page: During this MLN Connects® video, CMS subject matter experts provide an overview of the Medicare Access and CHIP Reauthorization Act (MACRA), which makes three important changes to how Medicare pays those who give care to Medicare beneficiaries:
- Ending the Sustainable Growth Rate (SGR) formula that determines Medicare payments for services
- Making a new framework to reward health care providers for giving better care
- Combining our existing quality reporting programs into one new system
Capital Grant Progress ReportThis video describes how to complete a Capital Grant Progress Report.
Electronic Handbooks (EHBs) Patient Target Management for Health CentersThis webinar provides details on the patient target management module, in the HRSA Electronic Handbooks, or EHBs.
FY 2021 Health Center Program Service Expansion School Based Service Sites SBSSFY 2021 Health Center Program Service Expansion –School-Based Service Sites (SBSS) Question and Answer Session for Applicants.
Advancing Adolescent and Young Adult Health in the COVID-19 Pandemic: Responses and AdaptationsEnRICH webinar: Advancing Adolescent and Young Adult Health in the COVID-19 Pandemic: Responses and Adaptations.
Recorded February 23, 2021.
FY 2021 Health Center Program Service Expansion School-Based Service Sites (SBSS)FY 2021 Health Center Program Service Expansion –School-Based Service Sites (SBSS) Question and Answer Session for Applicants.
SACIM January 26 Meeting Day 2Visit www.hrsa.gov.
SACIM January 25 Meeting Day 1Visit www.hrsa.gov.
ACHDNC February 11, 2021 Day 1Visit www.hrsa.gov.
ACHDNC February 12, 2021 Day 2Visit www.hrsa.gov.
Responding to Submissions from ConditionsThe purpose of this video is to show HRSA grantees how to respond to a submission that resulted from a condition on their Notice of Award. We will walk through the steps of reviewing the submission in the EHBs and show how to find the details of the condition and NoA that triggered the submission.
Grant Folder Overview for GranteesThis video provides a walkthrough of the Grant Folder for Grantees. Grantees will learn how to navigate to the Grant Folder, find helpful information about the grant, manage users, work on submissions, and request prior approvals.
How to Access Funding OpportunitiesThis video provides an overview of how applicants can access funding opportunities in the EHBs and Grants.gov.
HRSA Data Warehouse TrainingOverview and demonstration of HRSA Data Warehouse.
Date: February 2, 2021
How to Review Other SubmissionsLearn how different HRSA roles review a submission, find helpful information in a submission review, and navigate the submission review steps.