Skip to main content
Rural Health Information Hub

Rural Health
Resources by Topic: Patient privacy

Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients
Offers cybersecurity guidelines for healthcare organizations to help reduce cybersecurity risks. Outlines the top five cybersecurity threats, and discusses best practices to combat these threats. Technical Volume 1 discusses cybersecurity practices for small healthcare organizations.
Additional links: Technical Volume 1: Cybersecurity Practices for Small Health Care Organizations
Date: 04/2023
Type: Document
Sponsoring organizations: 405(d) Program, U.S. Department of Health and Human Services
view details
Telehealth and the Expiration of the COVID-19 Public Health Emergency, with Kathy Wibberly
An episode of the Exploring Rural Health podcast featuring Kathy Wibberly, Director of the Mid-Atlantic Telehealth Resource Center. Discusses the impact of the COVID-19 Public Health Emergency (PHE) on rural access to telehealth services and adjustments patients and providers can anticipate as the PHE comes to an end May 11, 2023.
Date: 04/2023
Type: Audio
Sponsoring organization: Rural Health Information Hub
view details
In Need of a Checkup: Examining the Cybersecurity Risks to the Healthcare Sector
Recording of a March 16, 2023, U.S. Senate Committee on Homeland Security and Governmental Affairs hearing on cybersecurity threats facing the healthcare sector. Features testimony from Kate Pierce, the former Chief Information Officer and Chief Information Security Officer of an Alabama Critical Access Hospital, who discusses cybersecurity in small and rural hospitals.
Additional links: Kate Piece, Fortified Health Security - Testimony
Date: 03/2023
Type: Video/Multimedia
Sponsoring organization: Senate Committee on Homeland Security and Governmental Affairs
view details
Preserve Telehealth Access Act of 2021: Telehealth Recommendations
Offers policy recommendations related to Maryland's Preserve Telehealth Access Act of 2021, including recommendations related to provider options to deliver care via telehealth, audio-visual and audio-only delivery, remote patient monitoring, hospice care services, inpatient care, patient privacy, and reimbursement levels.
Author(s): Randolph S. Sergent, Ben Steffen
Date: 12/2022
Type: Document
Sponsoring organization: Maryland Health Care Commission
view details
Safety Assurance Factors for EHR Resilience (SAFER) Guides Requirements
Infographic displaying the differences in the Safety Assurance Factors for EHR Resilience (SAFER) Guide requirements for hospitals and Critical Access Hospitals (CAHs) participating in the Medicare Promoting Interoperability Program and eligible clinicians participating in the Merit-based Incentive Payment System (MIPS) Promoting Interoperability performance category for eligible clinicians.
Date: 10/2022
Type: Document
Sponsoring organization: Centers for Medicare and Medicaid Services
view details
Medicare Telehealth: Actions Needed to Strengthen Oversight and Help Providers Educate Patients on Privacy and Security Risks
Analyzes 2019 and 2020 Medicare claims data to explore the utilization of telehealth services before and after the implementation of regulatory flexibilities and waivers in March 2020 in response to the COVID-19 pandemic. Describes efforts taken by the Centers for Medicare & Medicaid Services (CMS) to identify and monitor risks posed by Medicare telehealth waivers, as well as a change made to the enforcement of regulations governing patients' protected health information during the COVID-19 public health emergency. Offers three recommendations to CMS to strengthen oversight and assess the quality of telehealth services and one recommendation regarding assistance to providers to explain the privacy and security risks of telehealth to patients.
Additional links: Full Report
Date: 09/2022
Type: Document
Sponsoring organization: Government Accountability Office
view details
The IHS Telehealth System Was Deployed Without Some Required Cybersecurity Controls
Presents findings of an audit to determine whether the Indian Health Service (IHS) implemented select cybersecurity system controls prior to deploying its telehealth system nationally. Offers policy recommendations to the IHS for improving the implementation of cybersecurity controls for new information systems and remediating known vulnerabilities that may impact telehealth technologies.
Date: 09/2022
Type: Document
Sponsoring organization: Office of Inspector General (HHS)
view details
The Use of Telehealth for Disability Evaluation in Medicine and Allied Health: Proceedings of a Workshop
Summarizes presentations and discussions held during a March 2022 workshop regarding the use of telehealth for patient evaluation. Provides an overview of telehealth policy broadly and within the context of the COVID-19 pandemic. Explores the use of telehealth in a range of clinical specialties; telehealth access and digital inclusion and equity; the experiences of U.S. healthcare systems in deploying telehealth; and licensure, privacy, and security issues.
Additional links: Read Online
Author(s): Board on Health Care Services
Date: 2022
Type: Document
Sponsoring organization: Health and Medicine Division (HMD), National Academies of Sciences, Engineering, and Medicine
view details
New HIPAA Privacy Rule: What RHCs Need To Know
Recording of a January 27, 2021, webinar providing information about proposed and existing Health Insurance Portability and Accountability Act of 1996 (HIPAA) compliance rules affecting Rural Health Clinics (RHCs). Covers individual right of access to protected health information (PHI), fees for health records, patient identification verification, third party disclosures, and clarification of healthcare operations including care coordination and case management. Discusses proposed PHI changes regarding substance use disorders and serious mental illness, and changes in notice of privacy practices (NPP) requirements. Includes a fee calculator for medical record requests. Part of the Rural Health Clinic Technical Assistance Series.
Additional links: HIPAA Record Fee Calculator, Presentation Slides, Q&A, Transcript
Date: 01/2021
Type: Video/Multimedia
Sponsoring organization: National Association of Rural Health Clinics
view details
Federal Health IT Strategic Plan, 2020-2025
Outlines federal goals, plans, and priorities as they relate to health information technology (HIT) and its application across the U.S. Discusses federal efforts to improve broadband access and HIT infrastructure in all areas, including rural and tribal areas.
Date: 10/2020
Type: Document
Sponsoring organization: Office of the National Coordinator for Health Information Technology
view details