Loading... Please wait...

Final HIPAA Privacy and Security Rules Released

Posted

Significant Changes to the HIPAA Privacy and Security Rules Create New Compliance Requirements for Many Businesses

In a long-awaited regulatory decision, the Department of Health and Human Services (HHS) issued modifications to the HIPAA Privacy, Security Enforcement and Breach Notification Rules on Jan. 17, 2013.  The Final Omnibus Rule represents some of the most sweeping changes since HIPAA was enacted more than 15 years ago.

According to HHS Secretary Kathleen Sebelius, the new rule not only changes various aspects of health privacy laws, but also “helps protect patient privacy and safeguard patients’ health information in an ever-expanding digital age.”  These protections apply whether the information is being held by a health plan, a healthcare provider or one of their business associates.

The new rule goes into effect March 26, 2013, with enforcement beginning Sept. 23, 2013.  Here are the most significant changes:

  • The HIPAA Privacy Rule has been extended to business associates receiving protected health information (PHI), adding contractors and subcontractors to the category of business associates.
  • The definition of marketing was revised to set new limits on how PHI is used and disclosed for marketing and fundraising purposes
  • HITECH Breach Notification requirements have been strengthened, clarifying when breaches of PHI must be reported to HHS.
  • Penalties for noncompliance have increased to up to $1.5 million per violation. 
  • Covered businesses are required to modify and redistribute their notice of privacy practices.
  • Patients have a right to request a copy of their electronic medical records.
  • Individuals paying for medical service by cash may ask that treatment information not be disclosed to their health plan.
  • Health information may not be sold without the individual’s permission.
  • Health plans are prohibited from using or disclosing genetic information for underwriting purposes, as required by the Genetic Information Nondiscrimination Act.

To Order HIPAA Products:

New Medical Forms

1-888-482-7288

www.newmedicalforms.com