California Consumer Privacy Act of 2018 – Bill Text

California Consumer Privacy Act

The California Consumer Privacy Act (CCPA), is a bill that enhances privacy rights and consumer protection for residents of California, United States. The bill was passed by the California State Legislature and signed into law on June 28, 2018, The bill is Officially called AB-375 The CCPA becomes effective on January 1, 2020.

Continue reading

HIPAA Compliance Review Program Launch

HIPAA Compliance

The Centers for Medicare & Medicaid Services (CMS) Division of National Standards, on behalf of the Department of Health and Human Services (HHS), is launching the HIPAA Compliance Review Program to ensure compliance among covered entities with HIPAA Administrative Simplification rules for electronic health care transactions.

In April 2019, HHS will randomly select 9 HIPAA-covered entities—a mix of health plans and clearinghouses—for HIPAA Compliance Reviews. Any health plan or clearinghouse—not just those who work with Medicare or Medicaid—may be selected. In 2018, HHS piloted the program with health plan and clearinghouse volunteers to streamline the process. In 2019, providers will be able to participate in a separate pilot program on a voluntary basis.

Moving forward, the Compliance Review Program will conduct periodic reviews with randomly selected entities to assess compliance.

Read the full Information Bulletin on the Go-to-Info page for more information, and watch for more Email Update messages with details about the program.

Interested in becoming HIPAA Compliant? We can help maintain your business posture. Check out our HIPAA Compliance service offerings Contact us at 866-276-8309 or info@ehr20.com with any questions.

CMS on behalf of HHS is launching a HIPAA Compliance Review Program to ensure compliance with the administrative safegaurds by covered entities.

FDA CFR Part 11 Compliance and Benefits

The FDA regulation in 21 CFR Part 11 came into effect on August 20, 1997. It regulates drug makers, medical device manufacturers, biotech companies, biologic developers  and other FDA-regulated industries on how companies should handle electronic records and electronic signatures.The regulation does not mandate the use of electronic records or signatures; rather, it simply outlines the requirements that must be met by medical device, drug, and biologic manufacturers that do choose to use them, within the context and enforcement parameters of the regulation.

The regulation primary focus on the following principles:

Availability:  That information can be viewed in either electronic or human-readable format and that records be available “in a timely fashion”.  

Validation: That the information is complete – that each record can be tracked to its source and that related records are connected.

Audit trail : That the time of information entry and of any modification is noted.

Integrity:  That the information has not been altered in a manner that obscures the original information (much as is done with laboratory notebooks, where corrections are signed and where incorrect information is never deleted, merely amended).

User verification : That only authorized personnel can access the system, and the person creating, modifying, or reviewing any information is identified and personally attests to the validity of the process.

Documentation: That all experimental protocols are clearly documented and identified.

System Validation:  That the system has been validated to operate correctly.

Training log:  That all staff members are trained in the protocols and that training logs are available.

Benefits of Complying with FDA CFR Part 11 Compliance:

  1. Looks impressive on your patent filing.  Compliance with 21 CFR Part 11 will produce the exact records that you will need for your patent filing and later will help with any patent dispute.
  2. Complying with 21 CFR part 11 will strengthen your security procedure and increase your workflow efficiency
  3. Incorporating Part 11 compliance requirements during your initial  system design will be much efficient and easier than to deal with part 11 remediation in the later phase of your product development.
  4. As FDA expands the compliance to new areas of drug discovery or any new automation systems etc, comply with the regulations will become easier.

Experts at EHR 2.0 can help organisation of any size become compliant with 21 CFR Part 11. 

Interested in becoming FDA 21 CFR part 11 Compliant? Industry certified professionals at EHR 2.0 can help maintain your business posture.  Contact us at 866-276-8309 or info@ehr20.com with any questions or to request a quote.

Data Protection Officer (DPO) and GDPR Compliance

Appointment of DPO is mandatory requirement of GDPR compliance. Depending on the volume of personal data and the size of the organization, a in-house DPO or a virtual DPO can be appointed.
EJR 2.0. can help you stay compliant with GDPR compliance through of DIY online Toolkit or by our consulting service. We also offer virtual DPO service.

Continue reading