Two new resources focused on HIPAA compliance

Two new guides are in the works to help organizations with HIPAA compliance, reports Healthcare Info Security.

One is a free security risk assessment tool for small providers. A risk assessment is required under the HIPAA Security Rule and Stage 2 of Meaningful Use calls for an analysis that, among other things, addresses the use of encryption for stored patient information.

During the American Medical Informatics Association Annual Symposium in Washington, D.C., last month, Joy Pritts, ONC chief privacy officer, said her office and the U.S. Department of Health & Human Services' Office for Civil Rights are working together on the new tool, due to be released in the new year.

An ONC spokesman told Healthcare Info Security that the tool is designed to help small practices "evaluate the administrative, technical and physical safeguards in their organizations as required under the HIPAA Security Rule."

The Civil Rights office and the Centers for Medicare and Medicaid Services also are developing a video focused on privacy and security issues tied to Meaningful Use.  

Given the prevalence of healthcare breaches attributed to lost or stolen laptops and unencrypted storage devices, practices can use all the help they can get. The two offices already have produced a number of online guides and videos to help improve health data privacy and security, including a primer on encryption for mobile devices.

Tony Gilman, executive director of the Texas Health Services Authority (THSA) and Daniel Nutkis, chief executive officer of the Health Information Trust Alliance (HITRUST) recently spoke with FierceEMR about how organizations participating in a new certification program in Texas can demonstrate their dedication to protecting patients' health information.

To learn more:
- read the article
- find the guide to encryption