Skip to content Skip to navigation

OCR Online Platform Allows Developers to Pose HIPAA Questions

October 8, 2015
by Rajiv Leventhal
| Reprints

The Department of Health and Human Services' Office for Civil Rights (OCR) has launched a new platform allowing mobile health developers to ask questions about HIPAA privacy protection.

According to OCR, anyone may browse the site, which is on the Ideascale cloud-based idea management platform. Users who want to submit questions, offer comments on other submissions or vote on how relevant the topic is will sign in using their email address, but their identities and addresses will be anonymous to OCR. OCR will consider the input provided on this site in developing our guidance and technical assistance efforts.

Stakeholders will use this site to help OCR understand what guidance on HIPAA regulations would be helpful, the department said in an announcement. It said, “We are asking stakeholders to provide input on the following issues: What topics should we address in guidance? What current provisions leave you scratching your heads? How should this guidance look in order to make it more understandable, more accessible? Stakeholders can also use this page to submit questions about HIPAA, present a use case, or see what their peers are discussing. Users can comment on the discussions and vote on which topics or use cases would be the most helpful or important.”

In reaction to the OCR announcement, ACT | The App Association, which represents more than 5,000 app companies and IT firms in the mobile economy, said they are pleased that OCR is following through on HHS Secretary Burwell’s commitment last year to make HIPAA clear for mobile health companies. “Innovation in smartphones and tablets has made it possible for patients to monitor their own health and share critical data with physicians and loved ones. Mobile connectivity is poised to revolutionize healthcare by giving individuals greater access to their own health information and improving patient outcomes,” the association said in a statement.

However, the statement continued, “Today’s OCR announcement is a step in the right direction, but there is a lot of ground to cover. What’s most important at this stage is to provide clear and meaningful guidance to app makers about how HIPAA will be implemented in a mobile environment.” As such, the association said it has made recommendations in this area that require attention.




EHNAC and HITRUST Combine HIPAA Security Criteria, CSF Framework

The Electronic Healthcare Network Accreditation Commission (EHNAC) and the Health Information Trust Alliance (HITRUST) announced plans to streamline their accreditation and certification programs.

Halamka on MACRA Final Rule: “CMS is Listening and I Thank Them”

Health IT notable expert John Halamka, M.D., CIO of Beth Israel Deaconess Medical Center in Boston, recently weighed in on the Medicare Access and CHIP Reauthorization Act (MACRA) final rule.

Texas Patient Care Clinic Hit with Ransomware Attack

Grand Prairie, Texas-based Rainbow Children's Clinic was the victim of a ransomware attack on its IT systems in August, affecting more than 33,000 patients, according to multiple news media reports this week.

Healthcare Organizations Again Go to Bat for AHRQ

Healthcare organizations are once again urging U.S. Senate and House leaders to protect the Department of Health and Human Services’ Agency for Healthcare Research and Quality (AHRQ) from more budget cuts for 2017.

ONC Pilot Projects Focus on Using, Sharing Patient-Generated Health Data

Accenture Federal Services (AFS) has announced two pilot demonstrations with the Office of the National Coordinator for Health Information Technology (ONC) to determine how patient-generated health data can be used by care teams and researchers.

Is it Unethical to Identify Patients as “Frequent Flyers” in Health IT Systems?

Several researchers from the University of Pennsylvania addressed the ethics of behavioral health IT as it relates to “frequent flyer” icons and the potential for implicit bias in an article published in JAMA.