Conducting or reviewing a security risk analysis to meet the standards of Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule is included in the meaningful use requirements of the Medicare and Medicaid EHR Incentive Programs.

The Office for Civil Rights (OCR) has recently announced the release of a new set of FAQs that seeks to address whether business associates of a HIPAA covered entity may block or terminate access by the covered entity to the protected health information maintained by the business associate for or on behalf of the covered entity.

The HHS Office for Civil Rights has started its next phase of audits of covered entities and their business associates. The 2016 Phase 2 HIPAA Audit Program will review the policies and procedures adopted and employed by covered entities and their business associates to meet selected standards and implementation specifications of the Privacy, Security, and Breach Notification Rules. 

This article from Optum provides a breakdown on Bring Your Own Device (BYOD) policy considerations based on the mix of devices your organization is trying to support, the size of your healthcare organization and implementation factors that may have an impact on success.

This guide provides examples and overviews of patient portal considerations for minors as it relates to Meaningful Use, HIPAA. state consent laws and associated policies. The articles and presentations included for download and linked to from related websites include use cases and examples from multiple states and national level guidelines.