CMS Confirms EVV is Subject to HIPAA

/0 Comments/in /by

In a July 2018 letter to ANCOR, CMS (Centers for Medicare & Medicaid Services) confirmed EVV systems “are subject to HIPAA privacy and security protections”. HIPAA compliance will impact the range of EVV systems available to providers to choose from. As not all vendors will permit PHI (Protected Health Information) to be stored at their data centers, EVV systems need to comply with three sets of regulations:

  • The 21st Century Cures Act
  • Additional state-regulations
  • HIPAA

The identity of clients, services delivered, and documentation will need to be protected by technical security that meets HIPAA standards, as well as HIPAA training for staff managing EVV PHI data at both the provider and software vendor.

For more information on EVV compliant time and attendance solutions, download the myAttendance fact sheet. In addition, providers need to consider BYOD (Bring Your Own Device) policies. For more information, download this eBook, How Agencies Should Implement a BYOD (Bring Your Own Device) Program.

Post Views: 43
You might also like
Pennsylvania Agencies Share their Thoughts on EVV Agencies Speak Out on EVV in Louisiana
State EVV Updates - Overlapping Records2018 MITC EVV Officially Delayed
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *