Invite a Friend

Sitemap

Home

Technology
e-Newsletter

Intelligence Unit

Special Reports

Special Events

Subscribe

Sponsored

Departments

Follow Us

Home > Technology > Tech News & Analysis

HIPAA Enforcement Promises, But Lacks Specifics

Comment

RSS

News Widget

Dom Nicastro, for HealthLeaders Media, May 22, 2009

The Office of the National Coordinator for Health Information Technology issued a report May 18 that highlights how it will carry out HIPAA privacy and security regulations in the Health Information Technology for Economic and Clinical Health (HITECH) Act.

Is it merely the same information from HITECH, but said a different way?

Some say the report does not include enough specifics about how the federal government will enforce the new HIPAA laws included in the HITECH portion (Title XIII) of the American Recovery and Reinvestment Act (ARRA) of 2009.

Others call the document "impressive," evidence of a "sea of change" and an effort on behalf of the federal government to carry out its promises to protect patient privacy and enforce HIPAA laws.

"The section on privacy and security really does not provide any new information," says Chris Apgar, CISSP, president of Apgar & Associates, LLC, in Portland, OR. "The deadlines included in the document merely match the statutory requirements from ARRA. The dates listed match the dates HHS is required to promulgate rules, revise existing rules or issue guidance. I'm not very impressed with the document."

However, the HHS document left John C. Parmigiani, president, John C. Parmigiani & Associates, LLC, "impressed" with the effort ONC has taken to plan and be accountable for its oversight activities under ARRA/HITECH.

"While government moves slowly--so don't expect overnight miracles--I absolutely see HITECH as a sea change," says Kate Borten, CISSP, CISM, president of The Marblehead Group in Marblehead, MA, who specializes in HIPAA privacy and security.

According to HHS, the federal government will spend about $24.3 million on privacy and security efforts, including:

Audits

Reports to Congress

Training for State Attorneys General

Carrying out regulatory and enforcement requirements of the HITECH

Nearly $10 million will do toward Office for Civil Rights (OCR) and CMS audits. The former enforces the HIPAA Privacy Rule, the latter the HIPAA Security Rule.

Dom Nicastro is a contributing writer. He edits the Medical Records Briefings newsletter and manages the HIPAA Update Blog.

Email to a colleague

RSS

News Widget

Archive

Printer Friendly

Be the first to make a comment

Comments are moderated. Please be patient.

’Mystery shoppers’ to monitor access to docs

Alarmed by a shortage of primary care doctors, Obama administration officials are recruiting a team of "mystery shoppers" to pose as patients, call doctors' offices and request appointments to see how...

Key healthcare provisions take effect as GOP moves into House

Key parts of the new healthcare law will go into effect on Jan. 1, just before a Republican-controlled House returns to Washington. The massive overhaul of healthcare approved by Congress earlier this year...

Tighter medical privacy rules sought

The Obama administration is rewriting new rules on medical privacy after an outpouring of criticism from consumer groups and members of Congress who say the rules do not adequately protect the rights of...

go to complete list