Resource Search Results

Cybersecurity Learning Bundle (2024). Resource Type: Toolkit. Description: This page provides resources related to each of eight cybersecurity priority areas that together support the essential and enhanced goals of the Department of Health and Human Services’ Cybersecurity Performance Goals, designed to help healthcare organizations address common vulnerabilities by setting a floor of safeguards that will better protect them from cyber attacks, improve response when events occur, and minimize residual risk. More Details...

Using Community Referral Technology Platforms to Safely Connect Health Center Patients with Community-based Domestic Violence Services (2024). Resource Type: Publication. Description: This memo provides recommendations for health center (HC) staff as they implement, tailor, and use electronic tools to connect their patients to community-based domestic violence (DV) and human trafficking (HT) services, including how to protect patient/survivor confidentiality. HCs increasingly play an important role in addressing the health-related social needs of their patients, including housing, food insecurity, and domestic violence. Today, referrals are often facilitated through online platforms, sometimes known as community referral networks or community referral technology platforms, to assist providers in connecting patients with necessary services and providing a mechanism for follow-up. However, concerns about privacy and confidentiality exist, particularly regarding sensitive health information such as experiences of violence. This memo addresses key questions and considerations for HC staff, emphasizing survivors’ rights and control over their health information. More Details...

On the Horizon: UDS+ and Race, Ethnicity, and Language Collection: Roundtable Series (2024). Resource Type: Archived Webinar. Description: The Community Health Care Association of New York State and Sun River Health, a health center in New York, joined the HITEQ Center for a discussion on UDS+ and the collection of granular race, ethnicity, and language (REaL) data. Sun River Health shared their experience collecting REaL data, including how they\'ve updated and optimized systems, tracked their data, and addressed challenges. More Details...

Digital Health Strategy to Enable Comprehensive Care: Navigating Regulatory Waters- Compliance and Considerations: Virtual Learning Collaborative (2024). Resource Type: Archived Webinar. Description: This session took a critical look at the regulatory environment surrounding digital health, including understanding HIPAA, data privacy laws, telehealth regulations, and navigating the evolving regulatory landscape. More Details...

Digital Health Strategy to Enable Comprehensive Care: Digital Health in Action- Use Cases and Success Stories: Virtual Learning Collaborative (2024). Resource Type: Archived Webinar. Description: This session showcased real-world examples and case studies of successful digital health strategies in primary care settings. There was a review of specific use cases, lessons learned, success factors, and the impact on patient care and clinic operations. More Details...

Engaging Partners and Technology to Support Care of Justice-Involved Patients: Virtual Webinar (2024). Resource Type: Archived Webinar. Description: In this session, participants learned from Harris Health (Texas) and Community Medical Centers Inc. (California) to hear about their expanded services for behavioral health and substance use disorder treatment for justice-involved community members. Attendees learned from these two healthcare providers that have made a commitment to offering care to justice -involved patients, and their journeys to build positive partnerships improving access to service. More Details...

Health Center Safety and Man-Made Threats Resource Packet: Targeted Resources on Health Center Security, Population-Specific Safety Topics, and Cybersecurity (2024). Resource Type: Publication. Description: This BPHCurates packet provides resources describing mitigation, preparedness, response, and recovery strategies for navigating man-made threats directed towards health centers, their staff, and patients. The man-made threats included in this packet are specifically related to health center security, population-specific safety concerns, and cybersecurity. More Details...

Health Center Resilience in the Face of Cyber Adversity: A Case Study of the Family Health Center of Worcester's Ransomware Incident, February 2024 (2024). Resource Type: Publication. Description: The use of ransomware -- malicious software that restricts access to computer systems with financial demands -- has escalated, targeting health centers and putting countless lives at risk. This dire reality came to the forefront during the alarming ransomware attack on the Family Health Center of Worcester, Inc. (FHCW), where the personal health information and care continuity for thousands of patients were compromised. This resource uses FHCW's experience as a case study to demonstrate the imperative of preparedness and the strength of a community-centered response in ensuring the continuity of healthcare services amidst the ever-growing tide of cyber vulnerabilities. More Details...

Cyber Insurance & HIPAA Breaches Tip Sheet (2024). Resource Type: Publication. Description: This Tip Sheet specifically addresses how cyber insurance coverage can support health centers in meeting their obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to respond to security incidents and to report breaches. More Details...

HITEQ Highlights: What to Do About Health IT Hazards Associated with Copy and Paste in the EHR: HITEQ Highlights Webinar (2023). Resource Type: Archived Webinar. Description: Copy and paste functionality can support efficiency during clinical documentation, but may promote inaccurate documentation with risks for patient safety. This webinar discussed three key areas where health centers can consider implementing safe practice recommendations: Define copy and paste as a health IT safety issue by identifying the potential patient safety risks Review safe practice recommendations and implementation strategies to mitigate health IT-related hazards and safety issues Disseminate evidence, tools and practices for implementation More Details...

Improving Health Center Cybersecurity: Risk Assessment, Breach Defense, Mitigation and Response - Session 4: Virtual Learning Collaborative (2023). Resource Type: Archived Webinar. Description: It's time to reconsider your strategy if you still treat cyber risk as an annual project or initiative. Having a thorough ongoing program in place means that even in the worst-case scenario, you'll be ready to demonstrate that you did what was reasonable and appropriate to protect your systems and patient data. Nothing can guarantee that a cyberattack won't become a breach. Health Centers are a domain with a high potential for data breaches, and the risk continues to grow as health centers use new tools and the introduction of artificial intelligence (AI). As a result, it is crucial for health center leadership to adopt breach prevention strategies across their entire organization, as opposed to relegating it to the IT department. To support health centers in their cybersecurity strategy and implementation, the HITEQ Center is offering a free learning collaborative -- Improving Health Center Cybersecurity: Risk Assessment, Breach Defense, Mitigation, and Response. This learning collaborative will involve four structured virtual learning sessions. During the series participants engaged with subject matter experts and their colleagues in peer-to-peer learning and discussion. Topics included: health center breach mitigation tactics, operationalizing cybersecurity to better mitigate risks, cybersecurity implications of generative artificial intelligence in health centers, and incident response planning from a cybersecurity perspective. More Details...

HITEQ Highlights: Enabling a Cyber-Resilient Health Center: HITEQ Highlights Webinar (2023). Resource Type: Archived Webinar. Description: This HITEQ Highlight aimed to strengthen Health Centers' capacity to build their cyber-resiliency. We covered risk management tools, methods for guarding against cybersecurity assaults, operationalizing cybersecurity to mitigate risks, and breach mitigation tactics. Participants focus on safeguarding data across the entire enterprise and examined approaches to implementing cybersecurity infrastructure through risk management frameworks and strategic risk assessment. More Details...

HITEQ Highlights: Health Centers as Actors (in Information Blocking)!: HITEQ Highlights Webinar (2023). Resource Type: Archived Webinar. Description: The HITEQ Center discussed approaches to balance patient confidentiality, sensitive situations, vulnerable populations, and meeting the provisions in CURES act and information blocking. How health centers should best prepare themselves and their staff to meet the information blocking provisions and better serve the patient population was also discussed. More Details...

FAQ: How will the upcoming changes to the Information Blocking and EHR certification requirements impact health centers?: October 2022 (2023). Resource Type: Publication. Description: When will the new information blocking and EHR certification requirements be in effect? What are the upcoming changes? How will these changes impact health centers? How will the scope of Information Blocking requirements change? How should health centers expand their EHI scope? How will EHR certification requirements change? How should health centers leverage the new FHIR R4 capabilities? More Details...

Navigating Compliance Challenges with the Information Blocking Rule: A Collection of Case Studies: HITEQ Center and Feldesman Tucker Leifer Fidell LLP, September 2023 (2023). Resource Type: Toolkit. Description: The Office of the National Coordinator for Health Information Technology’s (ONC) 21st Century Cures Act Information Blocking Rule (Info Blocking Rule) prohibits covered actors – including health care providers, health IT developers of certified health IT, and health information exchanges/health information networks– from engaging in practices likely to interfere with, prevent, or materially discourage access, exchange, or use of electronic health information (EHI). The Info Blocking Rule includes eight exceptions that provide actors with certainty that, when their practice interferes with the access, exchange, or use of EHI and meets the conditions of one or more exception, such practice will not be considered information blocking.1 More Details...

Health Center Guidelines for Implementing FHIR and the Information Blocking Rule: HITEQ Center, September 2023 (2023). Resource Type: Toolkit. Description: The 21st Century Cures Act and the ONC Health IT Certification Program include rules for technical configuration and use of Health Level 7® (HL7) Fast Healthcare Interoperability Resources® (FHIR) for health data exchange and accessibility. Health centers are directed to enable and publish their healthcare data locations, known as FHIR endpoints,* to and from their electronic health record (EHR). Part of the Cures Act, known as the Information Blocking Rule, mandates that patients have “easy” access to their digital medical information, costs and claims associated with their health record, and whom the data can be shared with. More Details...

Cybersecurity: Ask Me Anything: HITEQ Highlights Webinar (2023). Resource Type: Archived Webinar. Description: This session sought to motivate and educate Health Center staff and leadership on current critical cybersecurity threats, concepts, and methods for the defense of health data. A panel of cybersecurity experts addressed questions on how to best protect the health center from both internal and external network leaks, through malware such as ransomware, and through physical means on-site. More Details...

Interoperability Readiness Scorecard: HITEQ Center, July 2023 (2023). Resource Type: Template. Description: Many health centers struggle to reap the benefits of technological advancement and investments in health information technology (health IT), while others embrace them and reap rewards. Interoperability is one such example; requiring health centers assess systems, relationships, and implementation. There are keys to successful interoperability implementation for which health centers must develop processes, stand up infrastructure (within the system, internally and externally, and organization), and then take action. Process refers to structured processes, policies, and procedures within the health center. Infrastructure refers to structural capacity and ability within the health center’s technology and staffing structure. Action refers to full implementation to the point of active and ongoing use and engagement. This scorecard encourages health centers to consider their processes, infrastructure, and action in a number of key areas. Each area key to interoperability are to be self-graded on a scale of 1 through 5, where 1 is poorly or not yet developed and 5 is well developed. Health centers can also use this to guide discussions and monitor progress over time. evaluate once steps have been completed. More Details...

The HITEQ Center Podcast: Sharing Virtual Care Success Stories and Lessons Learned in 2022 and 2023 (2023). Resource Type: Podcast. Description: HITEQ is highlighting stories of leveraging the EHR, health IT, digital health tools, and other virtual care supports for health center recovery and stabilization during the COVID-19 pandemic and thereafter in this series of podcasts. We are lifting up stories that demonstrate the promise of digital and health IT tools to address the timely needs of health centers and their patients, emphasizing those that support high value, equitable care for all health center patients and that reduce provider burden. More Details...

Promoting Cybersecurity Awareness for Patients: Protecting yourself when using patient portals, health apps, and online medical devices, June 2023. (2023). Resource Type: Archived Webinar. Description: This training guide provides patients with knowledge and awareness about cybersecurity threats to protect their personal health data and to minimize risks from computer viruses and malware. More Details...