IMPORTANT INFORMATION:  On May 11, 2012, the online news feed Modern Healthcare posted this story.  Let me emphasize that I have been strongly opinionated about our need for excellent privacy and security standards in our practices as many are not consistent with these controls.  Note the comment that it is the clinician, not the vendor, who is ultimately responsible for data security.

— Scott Jens, OD, FAAO – CEO RevolutionEHR

ONC Releases Privacy Guide

To help healthcare practitioners and their staffs better understand the roles of privacy and security in using electronic health records, HHS’ Office of the National Coordinator for Health Information Technology’s Office of the Chief Privacy Officer has posted a Guide to Privacy and Security of Health Information, a 47-page guide listing resources, requirements and tips.

“Do not forget that an EHR represents a unique and valuable human being: it is not just a collection of data that you are guarding – it’s a life,” it’s stated at the beginning of the guide. It also reminds clinicians that they – and not their vendors – are responsible for data security.

The document also lists patients’ rights including the right to inspect copies of health information about themselves that are held by covered entities or a practice’s business associates, to correct inaccurate entries, and to restrict use or disclosure of their information.

For the ONC GUIDE:
http://www.healthit.gov/sites/default/files/pdf/privacy/privacy-and-security-guide.pdf