Follow Us Become a Fan of Practice Manager Solutions on Facebook Follow Rebecca on Twitter Follow Rebecca on LinkedIn Practice Manager Solutions on LinkedIn Practice Manager Solutions on GooglePlus Practice Manager Solutions on Pinterest Practice Manager Solutions RSS Feed

Home

“Sweeping Change” Comes to HIPAA Privacy and Security Rules

January 23, 2013

With the release of the HHS Omnibus Final Privacy and Security Rules last week, it’s apparent more than ever how important documentation is in protecting your practice from HIPAA Privacy and Security leaks. As we busily prepare for our one-on-one HIPAA Compliant Policy Writing Intensive workshop this week, we want to summarize some of the major points of this new legislation:

  1. The new rules increase the responsibility for HIPAA privacy and security placing the burden of proof on the covered entity or business associate. The best defense in this situation is a thorough understanding of where your risks are, ongoing actions that mitigate risk and excellent documentation.
  2. The Breach Notification Rule has been modified stating that all breaches require mandatory notification unless the breach has a low probability of resulting in the release of patient protected health information.
  3. HHS Office of Civil Rights, under the direction of Leon Rodriguez, has greater ability to enforce HIPAA Security and Privacy protections on covered entities and/or their business associates.

These expanded rules take effect on March 26, 2013 with all covered entities and business associates required to be in compliance by September 23, 2013. Penalties for non-compliance have been increased to a maximum of $1.5 million per incident depending on the level of negligence involved.

If you were unable to attend our Policy Writing workshop this month but want to be put on a notification list for details about our March workshop, send an email to us at info@practicemanagersolutions.com.

We also wanted to remind you of the 2012 Meaningful Use attestation deadline. Eligible professionals have until February 28 to perform their MU attestation for the 90-day period ending December 31, 2012. If you need any assistance with your attestation process, give us a call. We’re available to answer your questions.

Share and Enjoy:

Topics: EHR Incentive, HIPAA Security Policies, Meaningful Use | Comments Off on “Sweeping Change” Comes to HIPAA Privacy and Security Rules

Comments are closed.

Rebecca on Twitter
  • HIPAA Breach Report – Henry Schein

    In this week’s HIPAA Breach Report, we identify Henry Schein, supplier of dental practice software and supplies, as receiving a HIPAA fine of $250,000 for misleading their customers into thinking they have the latest encryption and security protections. Additionally, they are likely open to lawsuits from the dental practices who use their practice management software due to this breach. You can READ MORE about this breach report on the Federal Trade Commission website. Makes you wonder who you’re trusting to protect your e-PHI. Are you asking your vendors the right questions?    

    KEEP READING »

From My Clients

“I have known Rebecca for the past 10 years, both professionally and personally, through our association in Sage Healthcare EMR implementation projects and as a consultant to NIIT Healthcare Technologies. I can attest to her outstanding professionalism and healthcare industry & practice knowledge. Her management support services are invaluable to her clients. Rebecca takes a personal interest in all she does and demonstrates a continual upbeat and positive attitude that is contagious to those around her. Her “go above and beyond approach” leads to complete client satisfaction. I would recommend Rebecca without reservation.”

Kathy Monnett, NIIT Healthcare Technologies


Online Payment Solution