Skip to search.

Breaking News Visit Yahoo! News for the latest.

×Close this window

ShareHIPAA · Share HIPAA
  • Members Only
  • Post
  • Files
  • Photos
  • Links
  • Database
  • Polls
  • Calendar

The Yahoo! Groups Product Blog

Check it out!

Group Information

  • Members: 2121
  • Category: Health Care
  • Founded: Mar 12, 2003
  • Language: English
? Already a member? Sign in to Yahoo!

Yahoo! Groups Tips

Did you know...
Real people. Real stories. See how Yahoo! Groups impacts members worldwide.

Messages
Message #
Search:
Advanced
 Messages Help
Messages
Topics
Hot Topics
Messages 742 - 771 of 793   Oldest  |  < Older  |  Newer >  |  Newest
Messages: Show Message Summaries Sort by Date ^  
#742 From: "David A. Feinberg, C.D.P." <DAFeinberg@...>
Date: Sun Aug 21, 2011 2:16 pm
Subject: August 21, 2011 -- HIPAA's Fifteenth Birthday 		dafeinberg
Send Email Send Email
 
I posted some historical highlights in LinkedIn group HIPAA 411 at
 
                    DAF
 
 

Reply | Messages in this Topic (1)
#743 From: "David A. Feinberg, C.D.P." <DAFeinberg@...>
Date: Wed Sep 7, 2011 9:27 pm
Subject: Fw: Nineteenth National Provider Call: Medicare FFS Implementation of HIPAA Version 5010 and D.0 Transactions 		dafeinberg
Send Email Send Email
 
----- Original Message -----
Sent: Wednesday, September 07, 2011
Subject: National Provider Call: Medicare FFS Implementation of HIPAA Version 5010 and D.0 Transactions - Register Now

National Provider Call:  Medicare FFS Implementation of HIPAA Version 5010 and D.0 Transactions – Register Now

Wed Sep 14; 2-3:30pm ET

 

CMS will host its nineteenth National Education Call regarding Medicare FFS’s implementation of HIPAA Version 5010 and D.0 transaction standards.

 

Target Audience:  Vendors, clearinghouses, and providers who need to make Medicare FFS-specific changes in compliance with HIPAA Version 5010 requirements.

 

Agenda (there will be no slide presentation for this call):

  • HIPAA Version 5010 Status Update
  • Question & Answer Session

 

If you would like to submit a question related to this topic in advance of, during, or following the call, please email your inquiry to the 5010 FFS Information resource mailbox at 5010FFSinfo@....  Note that this resource will only accept emails the day before, the day of, and the day after this call; your emailed questions will be answered as soon as possible, and may not be answered during the call.

 

Registration Information:  In order to receive the call-in information, you must register for the call.  Registration will close at 2pm on Tue Sep 13 or when available space has been filled; no exceptions will be made, so please register early.  For more details, including instructions on registering for the call, please visit http://www.eventsvc.com/PalmettoGBA/091411.

 

###

 


Reply | Messages in this Topic (1)
#744 From: "Barby McGowin" <barbaramcgowin@...>
Date: Wed Sep 14, 2011 1:52 pm
Subject: Appointment of Leon Rodriguez as Director of the HHS Office for Civil Rights 		hitrecruiting
Send Email Send Email
 

From: OCR HIPAA Privacy Rule information distribution [mailto:OCR-PRIVACY-LIST@...] On Behalf Of OS OCR PrivacyList, OCR (HHS/OS)
Sent: Tuesday, September 13, 2011 4:15 PM
To: OCR-PRIVACY-LIST@...
Subject: Secretary Sebelius announces appointment of Leon Rodriguez as Director of the HHS Office for Civil Rights

 

September 13, 2011

HHS Secretary Kathleen Sebelius announced today that Leon Rodriguez has been appointed as Director, Office for Civil Rights (OCR).  Rodriguez most recently served as Chief of Staff and Deputy Assistant Attorney General for the Department of Justice Civil Rights Division.

From May 2007 to January 2010, Rodriguez served as the County Attorney for Montgomery County, Maryland, where he led efforts to provide legal advice and services to County departments, agencies, boards, and commissions, as well as the County Council.

From May 2001 to May 2007, he was a shareholder in the Health Law department of Ober, Kaler, Grimes & Shriver.  In 2004, Rodriguez was named “Outstanding Health Care Litigator” by Nightingale Health Care News.  While in private practice, he served on the board of the Montgomery County Primary Care Coalition, an organization that developed and implemented health care programs for uninsured County residents.

For thirteen years prior to entering private practice, Rodriguez was a federal and state prosecutor in various jurisdictions.  From 1997 to 2001, he was an Assistant U.S. Attorney in Pittsburgh, Pennsylvania assigned to the prosecution of health care fraud cases.  Leon served as the First Assistant U.S. Attorney from 1999-2001, and as the Chief of the White Collar Crimes Section from 1998-1999.  From 1994 – 1997, he served as a trial attorney in the Criminal Section of the U.S. Department of Justice, Civil Rights Division.  Prior to his first DOJ stint, he was an Assistant District Attorney in Brooklyn, NY for six years.

Leon Rodriguez is a graduate of Brown University and Boston College Law School and is fluent in Spanish and French.

Read the HHS Press Release.

 


Reply | Messages in this Topic (1)
#745 From: "Barby McGowin" <barbaramcgowin@...>
Date: Tue Sep 20, 2011 12:13 pm
Subject: Initial Public Draft (IPD) of Special Publication 800-30, Revision 1, Guide for Conducting Risk Assessments 		hitrecruiting
Send Email Send Email
 

 

 

From: NIST Computer Security Resource Center [mailto:csrc.nist@...]
Sent: Monday, September 19, 2011 10:57 PM
To: barbaramcgowin@...
Subject: Initial Public Draft (IPD) of Special Publication 800-30, Revision 1, Guide for Conducting Risk Assessments

 

September 19, 2011:

NIST Computer Security Division is proud to announce the release of:
Initial Public Draft (IPD) of Special Publication 800-30, Revision 1, Guide for Conducting Risk Assessments

Here are 2 links to where you can read the full announcement of this draft publication release along with a link to the PDF file on the CSRC website:

Draft Publications Page: http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-30-Rev.%201

CSRC News Page: http://csrc.nist.gov/news_events/index.html#sept19


Reply | Messages in this Topic (1)
#746 From: "Barby McGowin" <barbaramcgowin@...>
Date: Tue Oct 4, 2011 1:45 am
Subject: 2 New NIST Draft Special Publications: Guidelines for Securing Wireless LANSs and Guide to Bluetooth Security 		hitrecruiting
Send Email Send Email
 

From: NIST Computer Security Resource Center [mailto:csrc.nist@...]
Sent: Monday, October 03, 2011 1:28 PM
To: barbaramcgowin@...
Subject: NIST Released 2 Draft Special Publications: 800-153, Guidelines for Securing Wireless Local Area Networks and 800-121 Rev. 1 Guide to Bluetooth Security

 

NIST Computer Security Division is proud to announce the release of 2 Draft Special Publications (SP).  See below for the titles of the 2 Draft SPs along with URLs to view the full announcement and also to download/view the document (PDF):

DRAFT SP #1:
Draft Special Publication 800-153, Guidelines for Securing Wireless Local Area Networks (WLANs)

URL Drafts page:
http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-153

 

DRAFT SP #2:
Draft Special Publication 800-121 Revision 1, Guide to Bluetooth Security

URL Drafts page:
http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-121-Rev.%201


You can also review the same announcement to the above 2 Draft SPs from the CSRC News/Announcement page:
http://csrc.nist.gov/news_events/index.html#sept29

Please note - we have received several emails in the past from folks unable to view the PDF file through the web browser.  We have advised folks to place the mouse cursor over the link, then RIGHT click with the mouse.  A menu bar will appear and choose this option "Save Target As" or "Save File As", save the PDF file to your system (make sure you know the directory path that you saved the PDF file to).  Then open the PDF from your system.

 


Reply | Messages in this Topic (1)
#747 From: "Barby McGowin" <barbaramcgowin@...>
Date: Tue Oct 4, 2011 1:46 am
Subject: NIST Computer Security Division Released 2 Special Publications: SP 800-126 Rev. 2 and SP 800-137 (see email for titles of documents) 		hitrecruiting
Send Email Send Email
 

NIST Computer Security Division is proud to announce the release of 2 Special Publications (approved final).  See below for details --

Note:  If you are having trouble opening the PDF to any of these 2 SPs, try placing your mouse cursor over the link to the PDF file, then right click with your mouse and choose "Save Target As" or "Save File As".  Save/Download the PDF file to your system.  Remember what directory you saved the PDF file to so you can open it once it is downloaded to your system.

Publication #1:
Special Publication 800-126 Revision 2, The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.2

To view the announcement of release on CSRC News page:
http://csrc.nist.gov/news_events/index.html#sept30

PDF link to document:
http://csrc.nist.gov/publications/nistpubs/800-126-rev2/SP800-126r2.pdf

Location of document on the Special Publications page:
http://csrc.nist.gov/publications/PubsSPs.html#800-126-rev2

 

Publication #2:
Special Publication 800-137, Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations

CSRC News page
http://csrc.nist.gov/news_events/index.html#sept30a
(2nd announcement from top)

PDF link to document:
http://csrc.nist.gov/publications/nistpubs/800-137/SP800-137-Final.pdf

Location of document on the Special Publications page:
http://csrc.nist.gov/publications/PubsSPs.html#800-137

Please note - we have received several emails in the past from folks unable to view the PDF file through the web browser.  We have advised folks to place the mouse cursor over the link, then RIGHT click with the mouse.  A menu bar will appear and choose this option "Save Target As" or "Save File As", save the PDF file to your system (make sure you know the directory path that you saved the PDF file to).  Then open the PDF from your system.


Reply | Messages in this Topic (1)
#748 From: "David A. Feinberg, C.D.P." <DAFeinberg@...>
Date: Wed Oct 26, 2011 12:18 am
Subject: Fw: Twentieth National Provider Call: Medicare FFS Implementation of HIPAA Version 5010 and D.0 Transaction Standards - Register Now 		dafeinberg
Send Email Send Email
 
----- Original Message -----
Sent: Tuesday, October 25, 2011
Subject: National Provider Call: Medicare FFS Implementation of HIPAA Version 5010 and D.0 Transaction Standards - Register Now

National Provider Call:  Time is running out: Medicare FFS Implementation of HIPAA Version 5010 and D.0 Transaction Standards – Register Now

Wed Nov 9; 1:30-3pm ET

 

CMS will host its twentieth National Education Call regarding Medicare Fee-For-Service (FFS) implementation of HIPAA Version 5010 and D.0 transaction standards.

 

Target Audience:  Vendors, clearinghouses, and providers who need to make Medicare FFS-specific changes in compliance with HIPAA Version 5010 requirements.

 

Agenda (there will be no slide presentation for this call):

  • Medicare FFS would like to address:  What is preventing you or your customers from transitioning to HIPAA 5010 or D.0?
  • Open Discussion

 

If you would like to submit a question related to this topic in advance of, during, or following the call, please email your inquiry to the 5010 FFS Information resource mailbox at 5010FFSinfo@....  Note that this resource will only accept emails the day before, the day of, and the day after this call; your emailed questions will be answered as soon as possible, and may not be answered during the call.

 

Registration Information:  In order to receive the call-in information, you must register for the call.  Registration will close at 12pm on the day of the call or when available space has been filled; no exceptions will be made, so please register early.  For more details, including instructions on registering for the call, please visit http://www.eventsvc.com/blhtechnologies.

 

###

 

 


Reply | Messages in this Topic (1)
#749 From: "David A. Feinberg, C.D.P." <DAFeinberg@...>
Date: Fri Nov 11, 2011 4:29 am
Subject: Public Comment Period for Nineteen ASC X12 Version 006020 TR3s 		dafeinberg
Send Email Send Email
  
A Public Comment Period for nineteen version 006020 Accredited Standards
Committee (ASC) X12 Type 3 Technical Reports (TR3s) -- also known as
Implementation Guides -- is now in progress:  from 11/08/2011 through
1/07/2012 at 5:00 p.m. Eastern time.  Link to
http://forums.x12.org/Announcing%20a%20Public%20Review%20Period%20for%20Several%\
20ASC%20X12%20TR3s.pdf
for details.  A summary list can be found as the current last comment of
http://www.linkedin.com/groupItem?view=&gid=2473393&type=member&item=10010477&tr\
k=group_search_item_list-0-b-ttl&goback=.gmr_2473393.gna_2473393 .

                     Dave Feinberg
                     Rensis Corporation
                     206-617-1717
                     DAFeinberg@...
                     Author of  "Understanding HIPAA Communications"
                     Moderator of LinkedIn group  "HIPAA 411"

Reply | Messages in this Topic (1)
#750 From: "David A. Feinberg, C.D.P." <DAFeinberg@...>
Date: Thu Nov 17, 2011 9:45 pm
Subject: Extension to Public Comment Period for Nineteen ASC X12 Version 006020 TR3s 		dafeinberg
Send Email Send Email
  
The public comment period has been extended through 3/07/2012 at
5:00 p.m. Eastern time.     --DAF

----- Original Message -----
From: "David A. Feinberg, C.D.P."
Sent: Thursday, November 10, 2011 8:29 PM
Subject: Public Comment Period for Nineteen ASC X12 Version 006020 TR3s

A Public Comment Period for nineteen version 006020 Accredited Standards
Committee (ASC) X12 Type 3 Technical Reports (TR3s) -- also known as
Implementation Guides -- is now in progress:  from 11/08/2011 through
1/07/2012 at 5:00 p.m. Eastern time.  Link to
http://forums.x12.org/Announcing%20a%20Public%20Review%20Period%20for%20Several%\
20ASC%20X12%20TR3s.pdf
for details.  A summary list can be found as the current last comment of
http://www.linkedin.com/groupItem?view=&gid=2473393&type=member&item=10010477&tr\
k=group_search_item_list-0-b-ttl&goback=.gmr_2473393.gna_2473393 .

                     Dave Feinberg
                     Rensis Corporation
                     206-617-1717
                     DAFeinberg@...
                     Author of  "Understanding HIPAA Communications"
                     Moderator of LinkedIn group  "HIPAA 411"

Reply | Messages in this Topic (1)
#751 From: "Barby McGowin" <barbaramcgowin@...>
Date: Fri Dec 9, 2011 6:05 pm
Subject: NIST Special Publication 800-56C: Recommendation for Key Derivation through Extraction-then-Expansion is now available 		hitrecruiting
Send Email Send Email
 

 

 

From: NIST Computer Security Resource Center [mailto:csrc.nist@...]
Sent: Friday, December 09, 2011 12:44 PM
To: barbaramcgowin@...
Subject: NIST Special Publication 800-56C: Recommendation for Key Derivation through Extraction-then-Expansion is now available

 

The National Institute of Standards and Technology (NIST) is pleased to announce the release of Special Publication 800-56C. Recommendation for Key Derivation through Extraction-then-Expansion. This Recommendation specifies techniques for the derivation of keying material from a shared secret established during a key establishment scheme defined in NIST Special Publications 800-56A or 800-56B through an extraction-then-expansion procedure.

URL to SP 800-56C (PDF):
http://csrc.nist.gov/publications/nistpubs/800-56C/SP-800-56C.pdf

(note: it was approved as final Nov. 30, it wasn't posted until this week to CSRC website)




Reply | Messages in this Topic (1)
#752 From: "Barby McGowin" <barbaramcgowin@...>
Date: Fri Dec 9, 2011 6:06 pm
Subject: NIST Computer Security Division Released Draft SP 800-155 BIOS Integrity Measurement Guidelines 		hitrecruiting
Send Email Send Email
 

 

 

From: NIST Computer Security Resource Center [mailto:csrc.nist@...]
Sent: Friday, December 09, 2011 12:18 PM
To: barbaramcgowin@...
Subject: NIST Computer Security Division Released Draft SP 800-155 BIOS Integrity Measurement Guidelines

 

NIST announces the public comment release of Draft NIST Special Publication 800-155, BIOS Integrity Measurement Guidelines.

This Draft Special Publication is available on the CSRC Drafts page at:
http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-155

You can also view the same announcement on the CSRC News / Announcement page as well:
http://csrc.nist.gov/news_events/index.html#dec8




Reply | Messages in this Topic (1)
#753 From: "David A. Feinberg, C.D.P." <DAFeinberg@...>
Date: Mon Dec 12, 2011 8:31 pm
Subject: Change Summaries Posted for Nineteen ASC X12 Version 006020 TR3s 		dafeinberg
Send Email Send Email
  
See the announcement at
http://forums.x12.org/ASC%20X12%20Releases%20Change%20Summaries.pdf

The public comment period closing time for these TR3s remains 3/07/2012
at 5:00 p.m. Eastern time.

                     Dave Feinberg
                     Rensis Corporation
                     206-617-1717
                     DAFeinberg@...
                     Author of  "Understanding HIPAA Communications"
                     Moderator of LinkedIn group  "HIPAA 411"

Reply | Messages in this Topic (1)
#754 From: "David A. Feinberg, C.D.P." <DAFeinberg@...>
Date: Wed Dec 14, 2011 5:36 pm
Subject: Fw: CMS Policies Regarding Enforcement for Version 005010 Transactions 		dafeinberg
Send Email Send Email
 
----- Original Message -----
Sent: Wednesday, December 14, 2011 6:59 AM
Subject: Medicare Fee-For-Service (FFS) Policy Regarding 90 Day Discretionary Enforcement Period for Non-Compliant HIPAA Covered Entities

cid:image004.jpg@01CCBA46.AB453BA0

 

Medicare Fee-For-Service (FFS) Policy Regarding 90 Day Discretionary Enforcement Period for Non-Compliant HIPAA Covered Entities 

 

CMS announced on Thu Nov 17, that it would not initiate enforcement action with respect to any HIPAA covered entity that is non-compliant with the ASC X12 Version 5010 (Version 5010), NCPDP Telecom D.0 (NCPDP D.0), and NCPDP Medicaid Subrogation 3.0 (NCPDP 3.0) standards until 90 days after the Sun Jan 1, 2012 compliance date.  Notwithstanding CMS’ discretionary application of its enforcement authority, the compliance date for use of these new standards remains Sun Jan 1, 2012.

 

The announcement can be found at http://www.CMS.gov/ICD10/02b_Latest_News.asp.

 

 

What The 90 Day Enforcement Discretionary Period Means For Medicare Fee-For-Service:

 

Medicare FFS has experienced significant increases in 5010 production transactions during the last few months.  However, there are many submitters that have tested but not taken the step to move into production for 5010 and D.0.  In addition, there are many submitters that have not yet initiated testing with their Medicare Administrative Contractor (MAC).  Therefore, to ensure that progress continues to be made, Medicare FFS is planning to take the following steps for submitters and receivers of Medicare Part B and Durable Medical Equipment (DME) transactions.  Submitters and receivers of Medicare Part A transactions will follow the same action plan starting 30 days after Part B and DME:

 

·         In December 2011, submitters/receivers that have tested and been approved for 5010/D.0 will be notified that they have 30 days to cutover to the 5010/D.0 versions.

·         Submitters/receivers that have not yet tested will be notified in December 2011 that they must submit their transition plan and timeline to their MAC in 30 days.

·         MACs will notify the submitters/receivers; submitters/receivers have the responsibility to notify the providers they service.


Reply | Messages in this Topic (1)
#755 From: "Barby McGowin" <barbaramcgowin@...>
Date: Fri Dec 16, 2011 4:16 am
Subject: NIST Computer Security Division Released Special Publication 800-63-1 Electronic Authentication Guideline 		hitrecruiting
Send Email Send Email
 

 

 

From: NIST Computer Security Resource Center [mailto:csrc.nist@...]
Sent: Thursday, December 15, 2011 4:40 PM
To: barbaramcgowin@...
Subject: NIST Computer Security Division Released Special Publication 800-63-1 Electronic Authentication Guideline

 

NIST Computer Security Division is proud to announce the release of Special Publication 800-63-1, Electronic Authentication Guideline.

To view the NIST Press Release of this Special Publication, please visit the NIST webpage at:
http://www.nist.gov/itl/csd/sp80063-121311.cfm

URL to view / download the PDF document (CSRC website):
http://csrc.nist.gov/publications/nistpubs/800-63-1/SP-800-63-1.pdf

If you are interested in viewing other Special Publications that the NIST Computer Security Division has released, you can visit the CSRC Special Publications webpage:
http://csrc.nist.gov/publications/PubsSPs.html


Reply | Messages in this Topic (1)
#756 From: "David A. Feinberg, C.D.P." <DAFeinberg@...>
Date: Tue Jan 10, 2012 4:54 pm
Subject: Electronic Funds Transfers Transactions Standards Interim Final Rule with Comment Period Published in Federal Register 		dafeinberg
Send Email Send Email
  
An Interim Final Rule with Comment Period for HIPAA Transactions
Standards for Health Care Electronic Funds Transfers (EFTs) and
Remittance Advice was published in the Federal Register on 1/10/2012,
and can be viewed at
http://www.gpo.gov/fdsys/pkg/FR-2012-01-10/pdf/2012-132.pdf .

Following are key dates associated with this interim final rule:
> Effective Date:  10 January 2012,
> End of Comment Period:  12 March 2012,
> Compliance Date:  1 January 2014.

                     Dave Feinberg
                     Rensis Corporation  [A Consulting Company]
                     206-617-1717
                     DAFeinberg@...
                     Author of  "Understanding HIPAA Communications"

P.S.  More information, more frequently, on this and other HIPAA topics
can be found in LinkedIn Group "HIPAA 411":
http://www.linkedin.com/groups?gid=2473393

Reply | Messages in this Topic (1)
#757 From: "Barby McGowin" <barbaramcgowin@...>
Date: Thu Feb 2, 2012 4:52 am
Subject: NIST Computer Security Division Released Draft SP 800-61 Rev. 2, Computer Security Incident Handling Guide 		hitrecruiting
Send Email Send Email
 

 

 

From: NIST Computer Security Resource Center [mailto:csrc.nist@...]
Sent: Wednesday, February 01, 2012 9:30 PM
To: barbaramcgowin@...
Subject: NIST Computer Security Division Released Draft SP 800-61 Rev. 2, Computer Security Incident Handling Guide

 

NIST Computer Security Division announces the public comment release of Draft Special Publication (SP) 800-61 Revision 2, Computer Security Incident Handling Guide.  To learn more about this draft document and for the link to the PDF file, please visit the CSRC by either going to the CSRC Drafts page or the CSRC News page:

Note: This draft was ready for posting on January 30 but it wasn't posted to CSRC website until February 1.

Drafts page:
http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-61-Rev.%202

News page:
http://csrc.nist.gov/news_events/index.html#feb1




Reply | Messages in this Topic (1)
#758 From: "David A. Feinberg, C.D.P." <DAFeinberg@...>
Date: Mon Feb 6, 2012 3:25 pm
Subject: Interesting Medicare Fee for Service (FFS) Processing Rules for HIPAA Transactions, Code Sets, and Identifiers 		dafeinberg
Send Email Send Email
  
From time to time, Medicare FFS establishes processing rules for
transactions, code sets, and identifiers adopted under HIPAA. While
these Medicare FFS processing rules are not necessarily binding on other
health plans, they can have great influence given that Medicare is the
largest health plan in the USA.  Some of the more interesting of these
processing rules have now been posted -- along with other potentially
useful reference discussions -- in the Manager's Choice portion of
LinkedIn group "HIPAA 411".

                     Dave Feinberg
                     Rensis Corporation  [A Consulting Company]
                     206-617-1717
                     DAFeinberg@...
                     Author of  "Understanding HIPAA Communications"

Reply | Messages in this Topic (1)
#759 From: "David A. Feinberg, C.D.P." <DAFeinberg@...>
Date: Mon Feb 6, 2012 8:26 pm
Subject: HIPAA Health Plan Identifier Notice of Proposed Rule Making (NPRM) 		dafeinberg
Send Email Send Email
  
The draft NPRM for the Standard Unique Health Plan Identifier originally
required by HIPAA Administrative Simplification and reiterated by the
Affordable Care Act of 2010 has been turned over by CMS to the Office of
Management and Budget (OMB) for regulatory review and approval. This OMB
process can run from a few days to approximately three months, or
sometimes longer. Once OMB regulatory approval is received, the NPRM can
be published in the Federal Register for public comment.

This is a significant milestone! For those of you interested in the
legal details regarding the OMB review, link to
http://www.reginfo.gov/public/do/eAgendaViewRule?pubId=201110&RIN=0938-AQ13 .

                     Dave Feinberg
                     Rensis Corporation  [A Consulting Company]
                     206-617-1717
                     DAFeinberg@...
                     Author of  "Understanding HIPAA Communications"
                     Moderator of LinkedIn Group "HIPAA 411"

Reply | Messages in this Topic (1)
#760 From: "David A. Feinberg, C.D.P." <DAFeinberg@...>
Date: Tue Feb 7, 2012 4:11 pm
Subject: ASC X12 not recommending 6020 TR3s to DSMO for HIPAA adoption. 		dafeinberg
Send Email Send Email
  
extracted from
http://www.x12.org/x12org/docs/2012_0206%20ASC%20X12%20006020%20Announcement%20F\
inal.pdf

"Falls Church, VA - February 6, 2012 -Accredited Standards Committee X12
(ASC X12) announces plans for the 006020 TR3s. After meeting
with health care industry stakeholders and assessing the current and
planned health care industry initiatives, ASC X12 will not recommend its
6020 Type 3 Technical Reports (TR3s) to the Designated Standards
Maintenance Organizations (DSMO) for consideration of adoption under the
Health Insurance Portability and Accountability Act (HIPAA).

"ASC X12 doesn't typically make decisions such as this until after final
publication, however it believes the health care industry is better
served at this time by a reassurance that the 5010 implementations will
have time to mature before another version is recommended for adoption.
Even though the 6020 versions will not be recommended for adoption, it
is critical that health care industry stakeholders review the 6020 TR3s
currently posted for public comment and provide comments to ASC X12 as
the 6020 version will serve as the basis for the next ASC X12 version
to be recommended for adoption.

"Cathy Sheppard, Chair of ASC X12, said 'Although the 6020 TR3s include
revisions that satisfy a significant number of the business needs and
requests brought forward by industry participants, ASC X12 recognizes
that the industry is not ready to begin another implementation cycle at
this time. ASC X12 will continue to solicit feedback on the 5010 and
6020 versions as it begins work on the next development cycle and we
look forward to accommodating additional business needs with the next
published versions of our work products.'

"The draft 6020 Technical Reports, Change Summaries, online conferences
and instructions for submitting comments can be accessed via
http://forums.x12.org. The Public Comment Period closes on March 07,
2012 at 5:00pm EST."

###

Reply | Messages in this Topic (1)
#761 From: "Barby McGowin" <barbaramcgowin@...>
Date: Tue Feb 21, 2012 10:51 pm
Subject: NIST Special Publication 800-153, Guidelines for Securing Wireless Local Area Networks (WLANs) 		hitrecruiting
Send Email Send Email
 

 

 

From: NIST Computer Security Resource Center [mailto:csrc.nist@...]
Sent: Tuesday, February 21, 2012 5:29 PM
To: barbaramcgowin@...
Subject: NIST Special Publication 800-153, Guidelines for Securing Wireless Local Area Networks (WLANs)

 

NIST announces the final release of Special Publication (SP) 800-153, Guidelines for Securing Wireless Local Area Networks (WLANs)

 To view the full CSRC Announcement, go to:
http://csrc.nist.gov/news_events/index.html#feb21 

 To view the final publication (SP 800-153), go to (PDF):
http://csrc.nist.gov/publications/nistpubs/800-153/sp800-153.pdf 

 This Special Publication can be located on the CSRC Special Publications page (target link):
http://csrc.nist.gov/publications/PubsSPs.html#800-153




Reply | Messages in this Topic (1)
#762 From: "Barby McGowin" <barbaramcgowin@...>
Date: Wed Feb 29, 2012 6:15 pm
Subject: DRAFT SP 800-53 Rev 4, Security and Privacy Controls for Federal Information Systems and Organizations (Initial Public Draft) 		hitrecruiting
Send Email Send Email
 

If you have time to devote to the review of this important document, please be aware that the public comment period is February 28th through April 6th, 2012.  Send your comments to sec-cert@...

 

The major changes in Revision 4 include:

 

·         New security controls and control enhancements;

·         Clarification of security control requirements and specification language;

·         New tailoring guidance including the introduction of overlays;

·         Additional supplemental guidance for security controls and enhancements;

·         New privacy controls and implementation guidance;

·         Updated security control baselines;

·         New summary tables for security controls to facilitate ease-or-use; and,

·         Revised minimum assurance requirements and designated assurance controls.

 

Those that have evaluated your information systems, implemented security controls, and evaluated the effectiveness of those security controls have valuable information and your comments concerning Revision 4 are much needed.

 

Thank you for all you do,

Barbara McGowin

 

 

 

From: NIST Computer Security Resource Center [mailto:csrc.nist@...]
Sent: Tuesday, February 28, 2012 5:29 PM
To: barbaramcgowin@...
Subject: DRAFT Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations (Initial Public Draft)

 

DRAFT Security and Privacy Controls for Federal Information Systems and Organizations (Initial Public Draft)

Please visit the CSRC Drafts page to learn more about this new Draft Special Publication.

URL to Drafts page:
http://csrc.nist.gov/publications/PubsDrafts.html

You can also view the same announcement on the CSRC News/Announcement page.

URL to CSRC News page:
http://csrc.nist.gov/news_events/index.html#feb28

 


Reply | Messages in this Topic (1)
#763 From: "Barby McGowin" <barbaramcgowin@...>
Date: Mon Mar 5, 2012 9:02 pm
Subject: Affordable Care Act in Your State 		hitrecruiting
Send Email Send Email
 

Attached is an excel spreadsheet with a break down by state of how many people have benefitted from the Affordable Care Act.  It also tells how much money each state has received to fight unreasonable premium increases, build affordable insurance exchanges and received to improve public health due to the Affordable Care Act.

If you haven’t seen any measurable movement in your state implementing the Affordable Care Act you may want to ask your governor what they did with the money.

 

Barbara McGowin

843-614-9651


1 of 1 File(s)


Reply | Messages in this Topic (1)
#764 From: "David A. Feinberg, C.D.P." <DAFeinberg@...>
Date: Thu Mar 8, 2012 4:08 am
Subject: Public Comment Period for ASC X12's 832 Health Care Fee Schedule TR3 		dafeinberg
Send Email Send Email
  
The following X12N version 006020 draft Implementation Guide is
presently available for free download, review, and public comment:
           006020X304     Health Care Fee Schedule.
Public comment on this Implementation Guide is a key step in its ASC X12
Type 3 Technical Report (TR3) publication process.

The public comment period for this guide began on 1 March 2012 and
will close on Tuesday, 1 May 2012, at 8:00 p.m. Eastern time.

The purpose of this guide is to:
     · Convey fee schedule information from a health plan to a contracted
       (participating) provider of health care services.

This is the initial version of a Fee Schedule TR3. The business
requirements were initially provided through a group of entities working
in conjunction with the AMA. Industry members have expressed an interest
in piloting an initial fee schedule implementation in a professional
setting (versus institutional or dental). This version  is expected to
be able to meet the needs for an initial pilot test.

Industry input is needed for the determination of fee schedule
requirements from a larger cross section of the possible user community.
That input will be used to determine detailed requirements for a
subsequent version of the technical report that also incorporates the
results of the pilot testing of the first published version.  Some
specific issues that the authors would appreciate comment and guidance
on for future versions include:
     · What other payment methodologies need to be incorporated into the
fee schedule?
     · Do providers need to see the explicit fee algorithm for each fee
within a payment methodology, or just the identification of the
methodology and the results (allowed amount or percentage) for the
specific service/procedure?
     · This draft identifies limited types of claims, based upon the
types of electronic claim formats. Is there a need to incorporate a
greater granularity in claim types, and what other types would be
needed?
     · Specific additional example scenarios for section 3 are requested
that include real details to have the example make business sense.
Ideally, a scenario would identify the business usage, sample related
service detail, and realistic fee information. Since the example is not
intended to convey a full real fee schedule, please limit each scenario
to not more than the equivalent of ten rows in a fee schedule.

This is ASC X12's only unconstrained public comment period.  The authors
of this guide will consider all comments during and following the
public comment period.  For a complete understanding of changes being
suggested and/or made to this guide, reviewers should monitor the
on-line conference during the public comment period and consider all
author responses prior to the Informational Forum.  Official authoring
work group responses will be posted to the on-line conference at least
15 days prior to the Informational Forum.

An announcement of the Informational Forum will be made later.  The
Informational Forum, held during an ASC X12 Standing Meeting or
virtually, is the final ASC X12 opportunity to comment:  but generally
only on modifications based on the received public comments.  After
that, the guide is finalized for movement through the Insurance
Subcommittee (X12N) and X12 publication approval processes.

The draft Health Care Fee Schedule implementation guide is available for
download at:   http://forums.x12.org

Comments on the draft instructions can be submitted via the on-line
conference through: http://forums.x12.org

The Health Care Fee Schedule Implementation Guide, 006020X304, is not a
counterpart of any that have been adopted under HIPAA, and no official
discussions regarding any such adoption are presently contemplated.  At
this juncture, only voluntary, pilot use of this TR3 is anticipated.

Participation in ASC X12's public comment period for the Health Care
Fee Schedule Implementation Guides is open to all who may be
interested; whether or not members of Accredited Standards Committee
X12.  Please participate -- this is the highest leverage opportunity for
anybody outside of the authors to impact this document.

                     Dave Feinberg
                     Rensis Corporation  [A Consulting Company]
                     206-617-1717
                     DAFeinberg@...
                     Author of  "Understanding HIPAA Communications"
                     Moderator of LinkedIn Group  "HIPAA 411"

Reply | Messages in this Topic (1)
#765 From: "Barby McGowin" <barbaramcgowin@...>
Date: Fri Mar 16, 2012 4:09 pm
Subject: Affordable Care Act 		hitrecruiting
Send Email Send Email
 

I have attached an internal linked pdf of ACA.  Just click any part of the act listed in pages 1-12 and it will take you to that part of the act in the 906 page document.  You may also go to gpo.gov and download the act, put it won’t have the internal links in it.

 

Here is the link: http://www.gpo.gov/fdsys/pkg/PLAW-111publ148/pdf/PLAW-111publ148.pdf

I have found that it is much easier using a digital document of a law with internal links applied when trying to get a handle on it and also when refuting false claims of what a law contains. 

 

Barbara McGowin

 


1 of 1 File(s)


Reply | Messages in this Topic (1)
#766 From: "Barby McGowin" <barbaramcgowin@...>
Date: Fri Mar 16, 2012 11:19 pm
Subject: First Enforcement Action from HITECH Breach Notification Rule 		hitrecruiting
Send Email Send Email
 

For the official online HITECH Act visit http://www.gpo.gov/fdsys/pkg/PLAW-111publ5/pdf/PLAW-111publ5.pdf

The HITECH Act starts on page 226.  I have attached the HITECH Act.  The attached digital document has internal links applied for ease of reference.  Simply click on the desired section of the act to use the internal links.

The news release below provides information about the first enforcement action resulting from HITECH Act.

Barbara McGowin

___________________________________________________________________________________________

 

News Release

FOR IMMEDIATE RELEASE
March 13, 2012

Contact: HHS Press Office
(202) 690-6343

HHS settles HIPAA case with BCBST for $1.5 million

First enforcement action resulting from HITECH Breach Notification Rule

Blue Cross Blue Shield of Tennessee (BCBST) has agreed to pay the U.S. Department of Health and Human Services (HHS) $1,500,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules, Leon Rodriguez, Director of the HHS Office for Civil Rights (OCR), announced today. BCBST has also agreed to a corrective action plan to address gaps in its HIPAA compliance program. The enforcement action is the first resulting from a breach report required by the Health Information Technology for Economic and Clinical Health (HITECH) Act Breach Notification Rule.

The investigation followed a notice submitted by BCBST to HHS reporting that 57 unencrypted computer hard drives were stolen from a leased facility in Tennessee. The drives contained the protected health information (PHI) of over 1 million individuals, including member names, social security numbers, diagnosis codes, dates of birth, and health plan identification numbers. OCR’s investigation indicated BCBST failed to implement appropriate administrative safeguards to adequately protect information remaining at the leased facility by not performing the required security evaluation in response to operational changes. In addition, the investigation showed a failure to implement appropriate physical safeguards by not having adequate facility access controls; both of these safeguards are required by the HIPAA Security Rule.

“This settlement sends an important message that OCR expects health plans and health care providers to have in place a carefully designed, delivered, and monitored HIPAA compliance program,” said OCR Director Leon Rodriguez. “The HITECH Breach Notification Rule is an important enforcement tool and OCR will continue to vigorously protect patients’ right to private and secure health information.”

In addition to the $1,500,000 settlement, the agreement requires BCBST to review, revise, and maintain its Privacy and Security policies and procedures, to conduct regular and robust trainings for all BCBST employees covering employee responsibilities under HIPAA, and to perform monitor reviews to ensure BCBST compliance with the corrective action plan.

HHS Office for Civil Rights enforces the HIPAA Privacy and Security Rules. The HIPAA Privacy Rule gives individuals rights over their protected health information and sets rules and limits on who can look at and receive that health information. The HIPAA Security Rule protects health information in electronic form by requiring entities covered by HIPAA to use physical, technical, and administrative safeguards to ensure that electronic protected health information remains private and secure.

The HITECH Breach Notification Rule requires covered entities to report an impermissible use or disclosure of protected health information, or a “breach,” of 500 individuals or more to HHS and the media. Smaller breaches affecting less than 500 individuals must be reported to the secretary on an annual basis.

Individuals who believe that a covered entity has violated their (or someone else’s) health information privacy rights or committed another violation of the HIPAA Privacy or Security Rule may file a complaint with OCR at: http://www.hhs.gov/ocr/privacy/hipaa/complaints/index.html.

The HHS Resolution Agreement can be found at http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/
resolution_agreement_and_cap.pdf.

Additional information about OCR’s enforcement activities can be found at http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/index.html.


###

 

Note: All HHS press releases, fact sheets and other press materials are available at http://www.hhs.gov/news.

Last revised: March 13, 2012

 

 

 

 

 

http://www.boisestate.edu/research/recovery/HITECHlegislation.pdf


1 of 1 File(s)


Reply | Messages in this Topic (1)
#767 From: "Barby McGowin" <barbaramcgowin@...>
Date: Sun Mar 18, 2012 2:16 am
Subject: Prohibit Speculators in Food Commodities 		hitrecruiting
Send Email Send Email
 

Dear friends,

 

I wanted to let you know about a new petition I created on We the People,  a new feature on WhiteHouse.gov, and ask for your support. Will you add your  name to mine?  If this petition gets 25,000 signatures by April 16, 2012, the White House will review it and respond!

 

We the People allows anyone to create and sign petitions asking the Obama  Administration to take action on a range of issues.  If a petition gets enough support, the Obama Administration will issue an official response.

 

 

You can view and sign the petition here:

http://wh.gov/Rls

 

 

Here's some more information about this petition:

 

We ask the Obama Administration to prohibit speculator participation/pure profit transactions &  require business necessity proof for commodities trading.

 

Gas prices are rising due in large part to speculation in the oil commodities market.  We’re about to see a huge increase in "food investments" or speculators buying commodity ETFs. That’s bad if you’re a consumer. Through natural causes the supply of wheat, corn and soybeans is shrinking and demand is increasing, so the price has/will  increase throughout 2012. As speculators jump on the food commodities rally, prices of food at the grocery store will sky rocket.  To prevent speculation from causing food prices to surge at the grocery store prohibit speculators,  or pure profit play, in the commodity markets and commodity derivative markets.  Require proof of a business need to purchase commodities and  commodity ETFs.

 

 

If you can't buy gas, you can walk.  If you can't buy food, you can die.

 

 

Thank you,

Barbara McGowin


Reply | Messages in this Topic (1)
#768 From: "David A. Feinberg, C.D.P." <DAFeinberg@...>
Date: Fri Apr 13, 2012 3:48 pm
Subject: Public Comment Period for Three ASC X12 Post Adjudicated Claims Data Reporting Guides 		dafeinberg
Send Email Send Email
 
The following X12N version 005010 draft Implementation Guides are presently available for free download, review, and public comment:

  • 005010X298 – Post Adjudicated Claims Data Reporting:  Professional
  • 005010X299 – Post Adjudicated Claims Data Reporting:  Institutional
  • 005010X300 – Post Adjudicated Claims Data Reporting:  Dental

Public comment on these Implementation Guides is a key step in its ASC X12 Type 3 Technical Report (TR3) publication process.

The public comment period for these guides began on 6 April 2012 and will close on Monday, 7 May 2012, at 8:00 p.m. Eastern time.

The purpose of these guides is to describe the use of the ASC X12 Health Care Claim (837) transaction set for reporting health care professional, institutional, or dental service post adjudicated data:
    • to satisfy state and federal reporting requirements such as;  Medicare and Medicaid encounters, All Payer Claims Databases, and Health Care Insurance Exchanges
    • for use in health data analysis from payer data.

This is ASC X12's only unconstrained public comment period.  The authors of these guides will consider all comments during and following the public comment period.  For a complete understanding of changes being suggested and/or made to this guide, reviewers should monitor the on-line conferences during the public comment period and consider all author responses prior to the Informational Forum(s).  Official authoring work group responses will be posted to the on-line conferences at least 15 days prior to the Informational Forum(s).  The posted work group responses are not necessarily the final determination.  Additional discussion in the Informational Forum(s) may result in the work group approving a modification to the posted response.  Such modifications are not posted to the on-line conferences.

An announcement of the Informational Forum(s) will be made later.  The Informational Forum(s), held during an ASC X12 Standing Meeting or virtually, is the final ASC X12 opportunity to comment:  but generally only on modifications based on the received public comments.  After that, the guides are finalized for movement through the Insurance Subcommittee (X12N) and X12 publication approval processes.

The draft Post Adjudicated Claims Data Reporting Guides are available for download and on-line commenting in the April portion of:   http://forums.x12.org .

The Post Adjudicated Claims Data Reporting Guides listed above are not a counterpart of any that have been adopted under HIPAA, and no official discussions regarding any such adoption are presently contemplated. 
 
Participation in ASC X12's public comment period for the Post Adjudicated Claims Data Reporting Guides is open to all who may be interested; whether or not members of Accredited Standards Committee X12.  Please participate -- this is the highest leverage opportunity for anybody outside of the authors to impact these documents.

                    Dave Feinberg
                    Rensis Corporation  [A Consulting Company]
                    206-617-1717
                    DAFeinberg@...
                    Author of  "Understanding HIPAA Communications"
                    Moderator of LinkedIn Group  "HIPAA 411"

Reply | Messages in this Topic (1)
#769 From: "Barby McGowin" <barbaramcgowin@...>
Date: Sat Apr 14, 2012 10:33 am
Subject: NIST Computer Security Division Released 2nd Draft SP 800-130, A Framework for Designing Cryptographic Key Management Systems 		hitrecruiting
Send Email Send Email
 

Second Public Draft, Special Publication 800-130, A Framework for Designing Cryptographic Key Management Systems
 
Public Comment Period: April 13, 2012 through July 30, 2012.
 
Email Comments to: ckmsdesignframework@...Second Public Draft Details:

 
NIST requests comments on SP 800-130, A Framework for Designing Cryptographic Key Management Systems. This is a revision of the document that was provided for public comment in June 2010. Comments are requested by July 30, 2012 and should be sent to ckmsdesignframework@..., with "Comments on SP 800-130" in the subject line. Another document, SP 800-152, which provides a basic profile of this framework document for the Federal government, will be available for initial comment later this year.
 
Links:
Draft SP 800-130 (PDF) on CSRC website:
http://csrc.nist.gov/publications/drafts/800-130/second-draft_sp-800-130_april-2012.pdf
 
Location of Draft on the CSRC Drafts page:
http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-130

  


Reply | Messages in this Topic (1)
#770 From: "David A. Feinberg, C.D.P." <DAFeinberg@...>
Date: Tue Apr 17, 2012 3:33 pm
Subject: ICD-10 Delay and National Identifiers NPRM Published in Federal Register 		dafeinberg
Send Email Send Email
  
Official formal Notice of Proposed Rule Making (NPRM) -- i.e., draft
federal regulations -- for four items was published today, 4/17/2012, in
the Federal Register.  This NPRM may be obtained at
http://www.gpo.gov/fdsys/pkg/FR-2012-04-17/pdf/2012-8718.pdf .

The four items covered in this NPRM are:

° Proposed delay of the original compliance date for ICD-10-CM and
ICD-10-PCS code sets for one year -- until 10/01/2014;

° Proposed National Health Plan Identifier (HPID) as originally
legislated under HIPAA;

° Proposed "other entity" identifier (OEID) for entities that are not
health plans, health care providers, or individuals, but that need to be
identified in standard transaction; and

° Proposed circumstances under which an organization covered health care
provider must require certain noncovered individual health care
providers who are prescribers to obtain and disclose a National Provider
Identifier (NPI).

Anybody may submit comments regarding this NPRM from today through
Thursday, 5/17/2012.  References in any comments should be solely to the
version of the NPRM contained in the Federal Register.  The
pre-publication version -- posted a week ago -- should be discarded.

                     Dave Feinberg
                     Rensis Corporation  [A Consulting Company]
                     206-617-1717
                     DAFeinberg@...
                     Author of  "Understanding HIPAA Communications"
                     Moderator of LinkedIn Group  "HIPAA 411"

Reply | Messages in this Topic (1)
#771 From: "Barby McGowin" <barbaramcgowin@...>
Date: Thu Apr 19, 2012 12:35 am
Subject: HHS Settles Case with Phoenix Cardiac Surgery for Lack of HIPAA Safeguards 		hitrecruiting
Send Email Send Email
 

Phoenix Cardiac Surgery, P.C., of Phoenix and Prescott, Arizona, has agreed to pay the U.S. Department of Health and Human Services (HHS) a $100,000 settlement and take corrective action to implement policies and procedures to safeguard to protected health information of its patients. 

The settlement with the physician practice follows an extensive investigation by the HHS Office for Civil Rights (OCR) for potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules.

The incident giving rise to OCR’s investigation was a report that the physician practice was posting clinical and surgical appointments for their patients on an Internet-based calendar that was publicly accessible.   On further investigation, OCR found that Phoenix Cardiac Surgery had implemented few policies and procedures to comply with the HIPAA Privacy and Security Rules, and had limited safeguards in place to protect patients’ electronic protected health information (ePHI). 

Among other issues, OCR’s investigation revealed the following issues:

·         Phoenix Cardiac Surgery failed to implement adequate policies and procedures to appropriately safeguard patient information; 

·         Phoenix Cardiac Surgery failed to document that it trained any employees on its policies and procedures on the Privacy and Security Rules;

·         Phoenix Cardiac Surgery failed to identify a security official and conduct a risk analysis; and

·         Phoenix Cardiac Surgery failed to obtain business associate agreements with Internet-based email and calendar services where the provision of the service included storage of and access to its ePHI.

 

Under the HHS resolution agreement, Phoenix Cardiac Surgery has agreed to pay a $100,000 settlement amount and a corrective action plan that includes a review of recently developed policies and other actions taken to come into full compliance with the Privacy and Security Rules.

Read the Resolution Agreement and CAP

For Information on OCR’s Enforcement Activities

Read the HHS Press Release

 


 

.


Reply | Messages in this Topic (1)
Messages 742 - 771 of 793   Oldest  |  < Older  |  Newer >  |  Newest
Add to My Yahoo!      XML What's This?
Copyright © 2010 Yahoo! Inc. All rights reserved.
Privacy Policy - Terms of Service - Guidelines NEW - Help