6 Things to Know About the HIPAA Disclosures Proposed Rule
While it is a great time to review existing auditing procedures, remember that this is a proposed rule, subject to change. Privacy and security officers "may want to sit tight and not act prematurely in response to a proposed, rather than final, rule," Greene says.
1. Expansion of the accounting of disclosures details. This will require changes to the corresponding policies and/or procedures that cover accounting for disclosures, in addition to possible changes in the applications being used to log and track these types of disclosures, and the ways in which this accounting is provided to individuals requesting to see it, says Rebecca Herold, CISSP, CIPP, CISM, CISA, FLMI, of Rebecca Herold & Associates, LLC, in Des Moines, IA.
2. The creation of a new DRS (containing ePHI) access report. This data is likely already collected somewhere, but CEs and BAs (who have DRS's) will need to create reports that are readable by all individuals, and are not just a listing of raw log data, says Herold.
3. Updates to Notice of Privacy Practices (NPPs). The need to let individuals know their new, expanded rights will result in the need for CEs to update their NPPs and then ensure the updated NPPs are provided to patients according to the new requirements and within the indicated timeframes; they do seem to try and accommodate the CEs according to current requirements for at least annual notices.
- EHR Systems 'Immature, Costly,' AMA Says
- Better HCAHPS Scores Protect Revenue
- CEO Exchange: Preparing for Population Health
- Narrow Networks Cut Costs, Not Quality, Economists Say
- Interstate Medical Licensure Effort Advances
- 'Early Offer' Malpractice Programs May Spur Reform
- Advocate, NorthShore Deal Would Create 16-Hospital System
- 3 Strategies for Retaining Millennial Employees
- Anthem Blue Cross, 7 CA Health Systems Create New Challenger, Business Model
- How to Build a Health Plan from Scratch