New ONC guide explains EHR privacy, security to providers

See on Scoop.ithealthcare technology

Privacy and security take center stage in a new instructional guide unveiled by the Office of the National Coordinator for Health IT this week. The guide–a collaboration of ONC’s Office of the Chief Privacy Officer and the American Health Information Management Association (AHIMA) Foundation–is designed to teach healthcare professionals about the roles of privacy and security in the use of electronic health records (EHRs) and in Meaningful Use.

The 47-page “Guide to Privacy and Security of Health Information” includes sections on Meaningful Use, security risk analysis, and working with health IT vendors, as well as a privacy and security action plan. In addition, it includes lengthy explanations of the HIPAA privacy and security rules.


The manual explains in detail the two core Meaningful Use Stage 1 requirements related to privacy and security. The first is the requirement that patients who request it be supplied with an electronic copy of their health information within three business days. This access is mandated by the HIPAA privacy rule, which is imbedded in the Meaningful Use criteria.

Providers who want government incentives for Meaningful Use of electronic health records also must conduct a security risk analysis of their EHRs, as required by the HIPAA security rule. The guide defines a security risk analysis and shows how to conduct it.


See on


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s