fsgl wrote on Friday, June 20, 2014:
HITECH is the legislation which gave us Meaningful Use.
From AAO’s newsletter:
"OCR Reports More Than 15 Million Affected by Breaches of Protected Health Information
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) issued two reports to Congress last week. These reports are mandated by the Health Information Technology for Economic and Clinical Health Act and are related to HIPAA violations in 2011 and 2012. These reports provide information about breaches of protected health information and violations of the HIPAA privacy and security rules. The reports also include information about past HIPAA audits, and plans for future ones. These reports provide examples to Academy members of things to be aware of and the importance of compliance with HIPAA rules.
In 2011-2012, OCR received 458 reports of breaches involving 500 or more individuals and approximately 47,000 smaller breaches involving less than 500 individuals. The most common causes of these breaches included theft, loss, unauthorized access, improper disposal and hacking.
According to the reports, 115 HIPAA audits found that small entities continue to show deficiencies with regard to the privacy, security and breach notification rules because they are unaware of the requirements. OCR plans to integrate the next round of audits into its program during 2014 and is updating protocols and new requirements. Covered entities and business associates can use the updated protocol, which will be posted to the OCR website, for their own internal compliance assessments."
The conflicting message seems to be the insistence upon EHR conversion; but if done incorrectly; there will be serious consequences, namely recoupement of the EHR bonus or worse, prosecution as provided under HIPAA.