New guidelines from SAMHSA released in July 2020 are designed to improve coordination of care for patients in treatment for substance disorder, while protecting confidentiality against unauthorized disclosure and use of patient information. View this HITEQ webinar on changes to SAMHSA’s 42 CFR Part 2 rule (Part 2) which protects individuals receiving substance use disorder treatment by defining privacy and security requirements for written, electronic and verbal information. This webinar features expert presenters from the University of New Hampshire Institute for Health Policy and Practice and the Center of Excellence for Protected Health Information who present on the new final Part 2 rule and future changes in the CARES Act, including what has changed, what has not changed, what this means for health centers in regard to consents and disclosures, and the implications for care coordination. This presentation also addresses privacy considerations for tele-behavioral health and exceptions during the state of emergency waiver.

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) have announced an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.  
 
CISA, FBI, and HHS have released AA20-302A Ransomware Activity Targeting the Healthcare and Public Health Sector that details both the threat and practices that healthcare organizations should continuously engage in to help manage the risk posed by ransomware and other cyber threats. The advisory references the joint CISA MS-ISAC Ransomware Guide that provides a ransomware response checklist that can serve as a ransomware-specific addendum to organization cyber incident response plans. 

It has been noted that hackers are using Ryuk ransomware — malicious software used to encrypt data and keep it locked up — and the Trickbot network of infected computers to steal data, disrupt health care services and extort money from health care facilities. Such data hijacking often cripples online systems, forcing many to pay up to millions of dollars to restore their services.

Find links and further documentation below

This printable PDF checklist provides a guide for health center staff to mitigate cybersecurity risks and threats during times of emergency and incident response that have them working remotely from the health center.

We are adding additional telehealth policy information relevant to coronavirus/ COVID-19 pandemic as it impacts health centers as it becomes available.

Health centers are having to dramatically change approaches to patient care as the COVID-19 public health emergency keeps patients at home and ramps up the demands of telehealth and other remote care modalities. This resource is a quick start guide for health centers making this change.