Last month as the health IT hordes were at HIMSS in Chicago (some of us are still catching up on everything that happened there), ONC released its revised Guide to Privacy and Security of Electronic Health Information. Read all about it on the Health IT Buzz blog. It is geared to small medical practices, with an emphasis on locally-hosted EHRs vs. cloud-based EHRs, but it is nevertheless a good resource for general consumption, filled with useful details and references. See also the ONC collection of health IT privacy and security compliance resources. Finally, ONC has jumped on the gamification bandwagon and released two privacy and security training games. (Please, no wagering!)

While the next wave of HIPAA audits still lurk beyond the horizon, ONC couldn’t be clearer in articulating its expectations for the regulated community regarding HIPAA compliance.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting