Dedicated to providing the latest
HIPAA compliance news

SAFER Guides Updated by ONC: Ransomware Prevention and Mitigation Strategies Included

Share this article on:

The Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology (ONC) has updated its SAFER Guides to include information to help healthcare providers protect against ransomware infections and mitigate ransomware attacks.

The Safety Assurance Factors for Electronic Health Record Resilience (SAFER) Guides were first released in January 2014 to help healthcare providers improve the usability of their EHRs and address the risks that EHR technology can introduce. The SAFER Guides can also be used to reduce the potential for patients to suffer EHR-related harm.

The SAFER Guides cover a range of key focus areas and include evidence-based best practices that can be adopted by healthcare providers to improve the usability and safety of their EHRs. Over the past three years, technology has changed as have the threats faced by the healthcare industry.

The guides were therefore due an update to keep them useful and relevant. Prior to issuing the updated guides, ONC sought feedback from healthcare providers and developers of EHRs. The comments and recommendations received from the National Academy of Medicine, the National Quality Forum, the American Medical Informatics Association, the Electronic Health Record Association and other organizations have been used to develop new best practices that healthcare providers should adopt.

The SAFER Guides include checklists and recommendations for healthcare organizations along with note templates that can be used to improve the safety and usability of EHRs. ONC says the guides have been developed to help reduce data-related burdens.

The guides now cover ransomware prevention strategies and mitigations to reduce the impact of ransomware attacks, including how to manage downtime following ransomware attacks and how to respond when EHR systems are slow or inaccessible.

The updated SAFER Guides can help organizations with EHR contingency planning to ensure compliance with that aspect of the HIPAA Security Rule. The SAFER guides now include an EHR contingency planning self-assessment to help in this regard.

The guides also include a new recommendation to the Test Results and Follow-Up Reporting Guide to help healthcare organizations communicate abnormal results to patients. The update incudes advice ONC received from the National Academy of Medicine.

To date, more than 52,000 users have downloaded the SAFER Guides and many EHR developers are now using the guides to help their customers set up their EHR systems and improve both safety and usability.

ONC says the SAFER Guides are particularly useful for technical assistance providers to help smaller healthcare organizations improve care quality and participate in the Medicare Quality Payment Program.

Author: HIPAA Journal

HIPAA Journal provides the most comprehensive coverage of HIPAA news anywhere online, in addition to independent advice about HIPAA compliance and the best practices to adopt to avoid data breaches, HIPAA violations and regulatory fines.

Share This Post On