September 20, 2014
September 19, 2014
September 18, 2014
HHS Releases HIPAA and HITECH ACT Mega-Rule
On January 17, 2013 the Department of Health and Human Services released an omnibus rule making changes to the Health Insurance Portability and Accountability Act (“HIPAA”) regulations related to privacy and security. The new final rule expands requirements beyond covered entities (health care providers, health plans, and entities that process health insurance claims) to business associates of covered entities in order to provide additional protections. These changes represent some of the most significant changes to the rule since it was first implemented fifteen years ago.
This mega rule also seeks to finalize privacy and security regulations related to the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”) as well as implement certain provisions of the Genetic Information Nondiscrimination Act of 2008 (“GINA”).
The final rule is effective on March 26, 2013; covered entities and business associates must comply with the rules by September 23, 2013. A copy of the rule can be found here.
<span class="advertise"> Advertisement </span>
- EEOC Sues BNV Home Care Agency for Violating Genetic Information Nondiscrimination Act
- Court Rejects FDA’s Interpretation of the Statute’s Device Definition as “Erroneous and Unreasonable”
- U.S. Government Accountability Office (GAO) Report Outlines Healthcare.gov’s Ongoing Privacy Issues
- HIPAA Omnibus Rule: Deadline Approaching to Update Grandfathered Business Associate Agreements
- Reminder: Update Your “Grandfathered” HIPAA Business Associate Agreements Now!
- HIPAA Privacy Rule Also Affected By Supreme Court’s DOMA Decision in U.S. v. Windsor