The Office for Civil Rights (OCR) at the United States Department of Health and Human Services is seeking public input on recognized security practices as well as civil money penalty (CMP) and settlement sharing. Responders are asked to answer one or more of several questions from several specific topics including:
- Voluntary implementation by regulated entities of recognized security practices
- What constitutes individual harm in the context of the HIPAA Rules and which harms should be eligible for a distribution
- Establishing a calculation methodology for the amount set aside for distribution to individuals
- Specific models for HHS to consider in developing its own methodology
- Circumstances in which funds should not be set aside for distribution
See the official request for information for a complete list questions and to submit a formal comment. The comment period closes on June 6, 2022.
Considerations for Implementing the Health Information Technology for Economic and Clinical Health (HITECH) Act, as Amended
View Complete Request for Information
