Post Date: November 30, 2016
In a report requested by the U.S. Senate Committee on Health, Education, Labor and Pensions, the U.S. Government Accountability Office recommended that the Office for Civil Rights (OCR): (1) update its security guidance to address the key elements identified in the NIST Cybersecurity Framework; (2) update the technical assistance provided to covered entities and business associates; (3) follow up on the implementation of corrective actions; (4) establish performance measures for the OCR audit program; and (5) establish and implement policies and procedures to share investigation results with CMS for determining incentives under the HITECH Act’s meaningful use program. OCR agreed with most of the recommendations. As OCR responds to the recommendations, covered entities should expect to see updated guidance, technical assistance and other information from OCR . Read the report.