SecureEHR Online BSH Gap Analysis Tool
As of January 2011, over 225 major health information breaches have been reported to, and are posted on the Health and Human Services (HHS) Breach List. These breaches compromised the protected health information of more than 6.3 million individuals.
Let’s see what our SecureEHR Online BSH Gap Analysis Tool reveals.
Covered entities are required to notify the affected individual(s) and the Secretary of HHS when breaches are discovered. If the breach affects more than 500 individuals, covered entities are also required to notify “prominent media outlets” of the breach. Information on the HHS Breach Notification View the HHS Breach Notification Rule.
The HITECH breach notification rule includes a “safe harbor” that exempts the reporting of breaches of information that was encrypted using National Institute of Standards and Technology (NIST) standards specified by HHS. This assessment relies on the guidance provided by HHS on April 27, 2009 to offer a high level evaluation of the answers provided to give an indication whether the system described in those answers is likely to conform to the guidance. View the HHS HITECH Act Breach Notification Guidance.
For assurance that your product complies with the HHS Guidance specifying the technologies and methodologies that render protected health information unusable, unreadable, or indecipherable InfoGard recommends that you have your product tested by a National Voluntary Laboratory Accreditation Program (NVLAP) laboratory such as InfoGard which is accredited for Cryptographic and Security Testing.