Join Webex this Wednesday, November 16 at 1:00pm ET for a Security Risk Assessment (SRA) Tool webinar. This webinar will discuss the importance and unique considerations for cyberthreats in pediatric health care settings, followed by a SRA Tool walkthrough. The webinar will be recorded and made available after the event. Questions can be directed to can be directed to COCIT@aap.org.

This two session roundtable series brought together CIOs, CISOs, and other IT leadership from health centers to discuss strategic investments in cybersecurity, including those that can leverage recent ARP funding but sustain beyond the coming years. Participants had the opportunity to connect with each other and subject matter experts about implementation, considerations, and the future of cybersecurity and data protection in health centers.

This two session roundtable series brought together CIOs, CISOs, and other IT leadership from health centers to discuss strategic investments in cybersecurity, including those that can leverage recent ARP funding but sustain beyond the coming years. Participants had the opportunity to connect with each other and subject matter experts about implementation, considerations, and the future of cybersecurity and data protection in health centers.

In March 2019, the Office of the National Coordinator for Health Information Technology (ONC) issued a Proposed Rule, 21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program. ONC released a final rule in March 2020, published in the Federal Register on May 1, 2020. The Final Rule on Information Blocking prohibits actors from blocking the exchange of electronic health information and seeks to increase the ease and choices available for patients to access their data. 

New guidelines from SAMHSA released in July 2020 are designed to improve coordination of care for patients in treatment for substance disorder, while protecting confidentiality against unauthorized disclosure and use of patient information. View this HITEQ webinar on changes to SAMHSA’s 42 CFR Part 2 rule (Part 2) which protects individuals receiving substance use disorder treatment by defining privacy and security requirements for written, electronic and verbal information. This webinar features expert presenters from the University of New Hampshire Institute for Health Policy and Practice and the Center of Excellence for Protected Health Information who present on the new final Part 2 rule and future changes in the CARES Act, including what has changed, what has not changed, what this means for health centers in regard to consents and disclosures, and the implications for care coordination. This presentation also addresses privacy considerations for tele-behavioral health and exceptions during the state of emergency waiver.

The United States Office for Civil Rights (OCR) is holding a free Webinar for health information technology (HIT) stakeholders on Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy and security issues related to novel coronavirus (COVID-19) and recent OCR actions related to the pandemic.

We are adding additional telehealth policy information relevant to coronavirus/ COVID-19 pandemic as it impacts health centers as it becomes available.

HHS Office of Civil Rights (OCR), the entity responsible for enforcing regulations under HIPAA, stated, effective immediately, it will exercise enforcement discretion and will not impose penalties for HIPAA violations against covered healthcare providers if patients are served on a good faith basis during the COVID-19 nationwide public health emergency. Find out what this means in implementation by accessing this issue brief.

This decision tree, developed through funding from the  Substance Abuse and Mental Health Services Administration (SAMHSA) helps organizations determine if Part 2 of CFR 42 applies to them. It should be noted that FQHCs will always be designated as “federally assisted” due to certified status as Medicaid providers and/or federal funding.

The timely exchange of health information between behavioral health providers and physical health providers to support care coordination is a critical element of the National Quality Strategy and health reform efforts. However, privacy and confidentiality concerns are currently limiting the inclusion of behavioral health data in electronic health information exchange efforts.