HIPAA Final Rule Raises Fines for Non-Compliance
The HIPAA omnibus final rule released by the Department of Health & Human Services January 17 will cost hospitals some time and money in regulation analysis, training, and policy revision, but shouldn't break the bank, healthcare leaders and privacy and security experts say.
The HIPAA "mega rule," so-called by some in the industry, represents the largest set of modifications to the HIPAA privacy and security rules to date.
"The new law needs to be analyzed and will have some impact on current processes, although they appear after my high level review to be expected and minor in nature," says Chris D. Van Gorder, FACHE, president and CEO of Scripps Health in San Diego.
"There will be costs to Scripps to analyze the regs, revise policies, revise and distribute the Notice of Privacy Practice (NPP), and to revise our standard Business Associate agreement if legal determines that is necessary and get our BA's to sign the new version."
The final omnibus rule enhances a patient's privacy protections, provides individuals new rights to their health information, strengthens the government's ability to enforce the law, and requires updates to business associate contracts.
The rule, required by the Health Information Technology for Economic and Clinical Health (HITECH) Act signed into law in February of 2009, is enforceable beginning September 24. It holds accountable third-party subcontractors who use and disclose PHI to HIPAA rules and penalties.
- NCQA Releases Annual Health Plan Rankings
- Technology Lights Up Health Innovation Forum
- 3 NC Health Systems Form Shared Services Organization
- Hospital Pharmacies Prep for Drug Takebacks
- Few Winners Among MSSP Participants
- Interstate Medical Licensure Effort Advances
- Data Points to Boom in Private HIX
- Anthem Blue Cross, 7 CA Health Systems Create New Challenger, Business Model
- CMS Forecasts 4% Medicare Advantage Premium Hike in 2015
- How much does that x-ray cost? You can find out in NH