Key Questions: What is my organization's role in ensuring privacy and security of health information in the United States? How can we integrate federal health information requirements into our organizational practices?
Everyone has a role to play in the privacy and security of electronic health information — it is truly a shared responsibility. The Office of the National Coordinator for Health Information Technology (ONC) provides resources to help you succeed in your privacy and security responsibilities. This Guide to Privacy and Security of Electronic Health Information is an example of just such a tool.
The intent of the Guide is to help health care providers ― especially Health Insurance Portability and Accountability Act (HIPAA) Covered Entities (CEs) and Medicare Eligible Professionals (EPs)1 from smaller organizations ― better understand how to integrate federal health information privacy and security requirements into their practices.
- Ch. 1 - Why Do Privacy and Security Matter?
- Ch. 2 - Your Practice and the HIPAA Rules
- Ch. 3 - Understanding Patients' Health Information Rights
- Ch. 4 - Understanding Electronic Health Records, the HIPAA Security Rule, and Cybersecurity
- Ch. 5 - Medicare and Medicaid EHR Incentive Programs Meaningful Use Core Objectives that Address Privacy
- Ch. 6 - Sample Seven-Step Approach for Implementing a Security Management Process
- Ch. 7 - Breach Notification, HIPAA Enforcement, and Other Laws and Requirements