HIPAA Security Guidance for Remote Use of and Access to Electronic Protected Health Information

January 25th, 2007

The Centers for Medicare & Medicaid Services (CMS) has prepared guidance to provide HIPAA covered entities with general information on the risks and possible mitigation strategies for remote use of and access to Electronic Protected Health Information (EPHI).

CMS has delegated authority to enforce the non-privacy provisions of the HIPAA Regulations, to include HIPAA Security. This guidance document sets forth CMS’ minimal compliance expectations for covered entities seeking to safeguard EPHI that is accessed, stored or transported offsite. Please note however that this document does not seek to provide a comprehensive list of risks and mitigation strategies but rather a general list of suggestions for organizations that require remote use of sensitive health information.

To view, click on:

HIPAA Security Guidance for Remote Use of and Access to Electronic Protected Health Information (pdf)

Entry Filed under: News

Heather Cook Skelton
Attorney at Law

Expertise for the specialized medical practice