Internet Lawyer: DBLG: HITECH / HIPAA Archived Newsletters

This page contains an archive of The Digital Business Law Group's monthly HITECH / HIPAA Compliance Newsletters. Each month's issue will contain a "Quick Link" to this page so that readers can easily find content they may want to reference. This also allows new subscribers to go back and get caught up on topics previously covered. The current issue of the newsletter is not available here until after the month in which it was issued. To get the current version you can subscribe to our FREE HITECH / HIPAA Compliance Newsletter here. if you are interested in a FREE EHR Software Checklist click here or in a FREE Online Backup Checklist then click here

Need a HITECH Business Associate Contract? Check out the HSG Store.

July 2010

The featured article this month is entitled: "HITECH Breach Notification Framework: an Overview."

This article presents an overview of issues that covered entities ("CE") face when confronted with a breach of PHI and its corresponding reporting requirements under HITECH. To say that the HITECH Act changes everything with respect to breach notification is not hyperbole. There were no equivalent breach notification requirements under HIPAA, and therefore, HITECH introduces and entirely new regulatory regime in this regard. HITECH's breach notification requirements also have implications with respect to business associates, and with respect to the relationship between a business associate and a covered entity.

June 2010

This month's featured article is entitled: "Business Associate Contracts: HITECH Implications."

All business associate contracts will have certain key sections as required by the regulations. This article walks you through each key section from our perspective, highlighting issues that you should consider before entering into a binding agreement. It should be noted that these issues will obviously vary with the individual party using the agreement, and whether or not your organization is a Covered Entity ("CE") or a Business Associate ("BA").

May 2010

This month's featured article is entitled: "Business Associates: That was then, this is now."

April 2010

This month's featured article is entitled: Change is Hard: EHR Implementations, Compliance Touch Points & Chaos Theory.

It is a "concept article' with the following introduction:

We understand that this newsletter has introduced concepts (e.g. wicked problems and agile methodologies) that may be foreign to healthcare providers. There are several reasons why we have felt compelled to do so: 1) we are bona fide geeks and can't help ourselves; and 2) more importantly, we believe that maybe (just maybe) some of our readers might benefit from our lessons learned (the hard way) in other industries.

March 2010

This month's featured article is entitled: The HITECH Act One Year Out: Real Healthcare Reform?

It explores where we have been under HITECH and where we are likely headed. It attempts to provide a big picture view of more than just the regulatory impact, but rather discusses the convergence of law, policy and technology as the real foundation for change. All three combined will produce unprecedented change in the healthcare industry. Why? Because these three meta-concepts are inextricably linked. Trying to understand any one of them without considering the other two is an exercise in futility.

February 2010

This month's featured article is entitled: HHS' Interim 'Meaningful Use' Regulations (Part 2)."

It is a continuation of the guest article by Deborah Leyva, RN, BSN, contained in January's newsletter. The focus of our newsletter has been primarily on providing a better understanding of the HITECH / HIPAA requirements and on providing insights into strategies that will help providers and facilities meet the objectives of the new regulations. January's guest article began with a discussion of the changes made by ONC and HHS for the first Policy Priority specified by the HIT Policy Committee, covering specifications for Stage I - 2011 Meaningful Use criteria, subsequent to the announcement by ONC and HHS, on December 30th.

January 2010

This month's featured article is entitled: The Compliance Crisis: Top Five Strategies Guaranteed to Fail.

The focus of our newsletter has been primarily on providing a better understanding of the HITECH / HIPAA requirements and on providing insights into strategies that will help providers and facilities meet the objectives of the new regulations. However, it is often just as useful to examine the status quo and to analyze why existing strategies will no longer work in this new regulatory environment, perhaps more so.The article five compliance strategies guaranteed to fail are as follows: (1) ostrich; (2) our staff's on top of it; (3) members of our legal team are compliance experts; (4) not invented here--healthcare is so different; and (5) the docs know best .

December 2009

The featured article this month is entitled: Understanding HITECH / HIPAA Risk Management Frameworks.

These frameworks are targeted to executives and others who require strategic guidance during these uncertain times. Now that the healthcare marketplace is starting to recognize the scope and magnitude of the HITECH Act, we felt it was necessary to take a step back and provide executive management teams (and other mission critical management staff) our perspective on how to move forward in a responsible and rigorous manner, especially in this highly competitive economic environment that mandates effective cost control. In short, how can an organization achieve HITECH / HIPAA compliance without breaking the bank?

November 2009

The featured article this month is entitled: The Intersection of HITECH/HIPAA and Meaningful Use: Part IV: HITECH/HIPAA and Meaningful Use Part IV: Attacking the HIPAA Security Rule (Hug the Monster: Redux).

It is the fourth in a series of featured articles over the next few months that will discuss the transformational impact that the HITECH Act is likely to have on HIPAA's regulatory environment. This featured article explores the HIPAA Security Rule in the second of two parts that discusses "the monster."

October 2009

The featured article this month is entitled: The Intersection of HITECH/HIPAA and Meaningful Use: Part III: Attacking the HIPAA Security Rule (Hug the Monster).

It is the third in a series of featured articles over the next few months that will discuss the transformational impact that the HITECH Act is likely to have on HIPAA's regulatory environment. This featured article explores the HIPAA Security Rule in the first of two parts that discusses "the monster."

September 2009

The featured article this month is entitled: The Intersection of HITECH/HIPAA and Meaningful Use: Part II.

It is the second in a series of featured articles over the next few months that will discuss the transformational impact that the HITECH Act is likely to have on HIPAA's regulatory environment. This featured article explores why an EHR/HITECH/HIPAA implementation is a "wicked problem."

August 2009

The featured article this month is entitled: The Intersection of HITECH/HIPAA and Meaningful Use: Part I.

It is the first in a series of featured articles over the next few months that will discuss the transformational impact that the HITECH Act is likely to have on HIPAA's regulatory environment. This featured article introduces key aspects of the HITECH Act and why they collectively constitute a game changer.