February 28, 2013
The HHS Omnibus Final Privacy and Security Rule takes effect on March 26, 2013. According to those rules, all covered entities and business associates have until September 23, 2013 to become compliant with the increased provisions including:
• Preparing new Business Agreements
• Business Associates must have security measures in place that comply with the Security Risk Assessment aspect of Meaningful Use
• Business Associates must have business agreements with all of their subcontractors that comply with the Final Rule
• Business Associates must have a breach notification process in place in the event any patient protected health information is compromised
One exception to the September deadline is for any Business Associate agreement that was in effect as of January 25, 2013. These affected covered entities and their business associates have until September 22, 2014 to modify their agreements to conform to the Final Rule as long as the agreement is not renewed or modified between March 26 and September 23, 2013.
Don’t wait until September to start working on your Business Agreements. Start talking with your Business Associates now so you can be proactive in meeting new Meaningful Use requirements.
Share and Enjoy: