HIPAA Enforcement Promises, But Lacks Specifics
The Office of the National Coordinator for Health Information Technology issued a report May 18 that highlights how it will carry out HIPAA privacy and security regulations in the Health Information Technology for Economic and Clinical Health (HITECH) Act.
Is it merely the same information from HITECH, but said a different way?
Some say the report does not include enough specifics about how the federal government will enforce the new HIPAA laws included in the HITECH portion (Title XIII) of the American Recovery and Reinvestment Act (ARRA) of 2009.
Others call the document "impressive," evidence of a "sea of change" and an effort on behalf of the federal government to carry out its promises to protect patient privacy and enforce HIPAA laws.
"The section on privacy and security really does not provide any new information," says Chris Apgar, CISSP, president of Apgar & Associates, LLC, in Portland, OR. "The deadlines included in the document merely match the statutory requirements from ARRA. The dates listed match the dates HHS is required to promulgate rules, revise existing rules or issue guidance. I'm not very impressed with the document."
However, the HHS document left John C. Parmigiani, president, John C. Parmigiani & Associates, LLC, "impressed" with the effort ONC has taken to plan and be accountable for its oversight activities under ARRA/HITECH.
"While government moves slowly--so don't expect overnight miracles--I absolutely see HITECH as a sea change," says Kate Borten, CISSP, CISM, president of The Marblehead Group in Marblehead, MA, who specializes in HIPAA privacy and security.
According to HHS, the federal government will spend about $24.3 million on privacy and security efforts, including:
- Reports to Congress
- Training for State Attorneys General
- Carrying out regulatory and enforcement requirements of the HITECH
Nearly $10 million will do toward Office for Civil Rights (OCR) and CMS audits. The former enforces the HIPAA Privacy Rule, the latter the HIPAA Security Rule.
Dom Nicastro is a contributing writer. He edits the Medical Records Briefings newsletter and manages the HIPAA Update Blog.
- Primary Care Docs Average More Hospital Revenue Than Specialists
- 69% of Employers Plan to Offer Healthcare Coverage After 2014
- How Chargemaster Data May Affect Hospital Revenue
- Q&A: Catholic Health Initiatives' New Senior VP for Capital Finance
- Building a Better Healthcare Board
- Hospital Pricing Irks Nurses; More Jobs, Less Pay
- ED Physicians Key to Half of Hospital Admissions
- CMS Seeks to 'Rapidly Reduce' Medicare Spending with $1B in Grants
- Quiet ORs Better for Patient Safety
- CMS Releases Hospital Pricing Data