The Health IT Policy Committee on June 8 made recommendations on a number of privacy and security issues, including the use of digital certificates by participants in the Nationwide Health Information Network initiative.
A provision in the proposed Accounting of Disclosures Rule mandated under the HITECH Act that calls for providing patients with an "access report" listing everyone who's electronically accessed their records is stirring up debate.
Many organizations are unprepared to adequately respond to a breach, security expert Bob Chaput says. "Breach notification planning is just a fundamental, basic part of risk management in the new millennium," he adds.
Federal authorities have issued a detailed notice of proposed rulemaking that sets out guidelines for how patients must be provided with an accounting of who has viewed their protected health information.