New HIPAA Rules and Regs Compliance Deadline - Sept. 23

Sep 03, 2013 - Sep 30, 2013


September 23 is the next HIPAA Compliance Deadline.  Are you ready?

The Department of Health and Human Services (HHS) released new regulations in January 2013 that made important changes to the privacy and security requirements under the Health Insurance Portability and Accountability Act (HIPAA). These new regulations, known as the HIPAA Omnibus Rule, implement many of the provisions of the Health Information Technology for Economic and Clinical Health (HITECH) Act. Covered entities have until September 23 to comply with these changes.

Practices will, at minimum, need to review and update their business associate agreements, office privacy and security policies and notice of privacy practices.

Some of the key changes made by the HIPAA Omnibus Rule include, but are not limited to, an updated definition of a business associate, new rules surrounding certain permitted uses and disclosures of protected health information (PHI), such as the sale of PHI and the use of PHI for fundraising and marketing, and rules controlling how patients can obtain medical records that are kept by a physician electronically. It also made significant changes to the breach notification rule.

CPMA Members can find materials to help them comply with the new regulations and requirement in the Compliance Center under HIPAA in the Members' area of the CPMA website.