CMS provides educational papers on HIPAA Security Rule

Article

The April 20 deadline for the Health Insurance Portability and Accountability Act Security Rule has come and gone. But for radiology departments still struggling to meet compliance, the Centers for Medicare and Medicaid Services has published three more educational papers to demystify the rule.

The April 20 deadline for the Health Insurance Portability and Accountability Act Security Rule has come and gone. But for radiology departments still struggling to meet compliance, the Centers for Medicare and Medicaid Services has published three more educational papers to demystify the rule.

"This is our attempt to provide guidance for covered entities. Our focus regarding HIPAA enforcement is to always go for voluntary compliance," said Karen Trudel, deputy director of the Office of E-Health Standards and Services at CMS.

The three papers released in June join two others previously published by CMS. The organization plans to release two more educational papers covering security topics, for a total of seven:

  • Security 101 for Covered Entities

  • Security Standards: Physical Safeguards

  • Security Standards: Administrative Safeguards

  • Security Standards: Technical Safeguards

  • Security Standards: Organizational, Policies & Procedures, and Documentation Requirements

  • Basics of Risk Analysis & Risk Management

  • Implementation for the Small Provider

While CMS doesn't have a publication date yet for the small provider paper, the risk analysis paper is well through the review process and should be published shortly, Trudel said.

In general, feedback at conferences and roundtable discussions on the papers has been positive, according to CMS security specialist Brad Peska.

"There has been value in the papers, especially for smaller providers trying to get a better handle on the topic," he said.

For links to PDF files of the educational series, users can visit the HIPAA Web site and navigate to the page devoted to Security Rule education. HIPAA's main Web site also has links to FAQs, additional educational materials, and a schedule for roundtable discussions on the topic.

"We're trying to demystify security," Trudel said. "People think that security is a complex technological area. They think they will be overwhelmed by the need for consultants, new equipment, and technical expertise. We're trying to get across the fact that a lot of security is common sense."

Newsletter

Stay at the forefront of radiology with the Diagnostic Imaging newsletter, delivering the latest news, clinical insights, and imaging advancements for today’s radiologists.

Recent Videos
SNMMI: Emerging PET Insights on Neuroinflammation with Progressive Apraxia of Speech (PAOS) and Parkinson-Plus Syndrome
Improving Access to Nuclear Imaging: An Interview with SNMMI President Jean-Luc C. Urbain, MD, PhD
SNMMI: 18F-Piflufolastat PSMA PET/CT Offers High PPV for Local PCa Recurrence Regardless of PSA Level
SNMMI: NIH Researcher Discusses Potential of 18F-Fluciclovine for Multiple Myeloma Detection
SNMMI: What Tau PET Findings May Reveal About Modifiable Factors for Alzheimer’s Disease
Emerging Insights on the Use of FES PET for Women with Lobular Breast Cancer
Can Generative AI Reinvent Radiology Reporting?: An Interview with Samir Abboud, MD
Mammography Study Reveals Over Sixfold Higher Risk of Advanced Cancer Presentation with Symptom-Detected Cancers
Combining Advances in Computed Tomography Angiography with AI to Enhance Preventive Care
Study: MRI-Based AI Enhances Detection of Seminal Vesicle Invasion in Prostate Cancer
Related Content
© 2025 MJH Life Sciences

All rights reserved.