Expanded Privacy and Security Tools Coming To Help Providers
February 20, 2014
The Office of the National Coordinator for Health Information Technology is collaborating with partners to make resources readily available and easy to use, said speakers at HIMSS14 on Tuesday.
The challenge will be making sure governmental policies are workable and protective, while making sure providers understand the rules in order to educate staff and patients on what is required, said Joy Pritts, JD, chief privacy officer at ONC.
“We all know that if you make this too hard, people just won’t do it,” Pritts said.
Overall, ONC’s goal is to inspire confidence and trust, she continued. To that end, ONC offers a variety of resources to providers, including:
- A training game focusing on cybersecurity that focuses on disaster planning, data backup and recovery, and other elements of contingency planning.
- Templates for generating Notices of Privacy Practices.
- Customizable tools to help patients make meaningful consent decisions.
Also, coming soon, providers will be able to access a downloadable security risk assessment tool, said Laura Rosas, JD, senior policy advisor at the Office of the Chief Privacy Officer.
“One of the things we’ve heard over and over is that small practices don’t really understand what a risk assessment is and what the process entails,” said Rosas. “And we know from Office for Civil Rights audits that these practices simply aren’t doing the assessment.”
Rosas said the tool will help providers grasp their compliance obligations in regard to the HIPAA security rule – and provide a means of documenting their activities.
“We are committed to making these tools useful,” added Pritts. “If we can’t get this message out to the people who need it, we’re not really succeeding.”
Providers can find these resources on HealthIT.gov.
Article written by Frank Irving