◆ CMS has posted new answers to frequently asked questions about the good faith estimate requirement for uninsured and self-pay patients in the No Surprises Act.[1]
◆ The HHS Office for Civil Rights (OCR) on April 6 released a request for information (RFI) asking people for feedback on two requirements of the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act), as amended in 2021.[2] OCR is looking for input on how “covered entities and business associates understand and are implementing ‘recognized security practices,’ how they anticipate adequately demonstrating that recognized security practices are in place, and other implementation issues they are considering or would like OCR to clarify” through future guidance or rulemaking. Public comment is also being sought on the kinds of harms that OCR should consider in distributing civil monetary penalties and settlements to people who have been harmed by a potential violation of the HIPAA privacy, security, and/or breach notification rules.