On March 2, CMS published a certification letter that contains guidance concerning HIPAA standards. The letter specifically addresses permitted incidental uses and disclosures and includes reasonable safeguards that must be in place to ensure patient privacy. To access the CMS Survey and Certification letter click here.