2013 HIPAA Updates Just Published

  1. 0
    ii. Summary of Major Provisions
    This omnibus final rule is comprised of the following four final rules:
    1. Final modifications to the HIPAA Privacy, Security, and Enforcement Rules
    mandated by the Health Information Technology for Economic and Clinical
    Health (HITECH) Act, and certain other modifications to improve the Rules,
    which were issued as a proposed rule on July 14, 2010. These modifications:
    Make business associates of covered entities directly liable for compliance
    with certain of the HIPAA Privacy and Security Rules’ requirements.
    • Strengthen the limitations on the use and disclosure of protected health
    information for marketing and fundraising purposes, and prohibit the sale of
    protected health information without individual authorization.
    • Expand individuals’ rights to receive electronic copies of their health
    information and to restrict disclosures to a health plan concerning treatment
    for which the individual has paid out of pocket in full.
    • Require modifications to, and redistribution of, a covered entity’s notice of
    privacy practices.
    • Modify the individual authorization and other requirements to facilitate
    research and disclosure of child immunization proof to schools, and to enable
    access to decedent information by family members or others.
    • Adopt the additional HITECH Act enhancements to the Enforcement Rule not
    previously adopted in the October 30, 2009, interim final rule (referenced
    immediately below), such as the provisions addressing enforcement of
    noncompliance with the HIPAA Rules due to willful neglect.

    2. Final rule adopting changes to the HIPAA Enforcement Rule to incorporate the

    increased and tiered civil money penalty structure provided by the HITECH Act,
    originally published as an interim final rule on October 30, 2009.

    3. Final rule on Breach Notification for Unsecured Protected Health Information

    under the HITECH Act, which replaces the breach notification rule’s “harm”threshold with a more objective standard and supplants an interim final rule
    published on August 24, 2009.

    4. Final rule modifying the HIPAA Privacy Rule as required by the Genetic

    Information Nondiscrimination Act (GINA) to prohibit most health plans from
    using or disclosing genetic information for underwriting purposes, which was
    published as a proposed rule on October 7, 2009.

    You can read the whole 563 pages if you like at
    http://www.workplaceprivacyreport.co...2001172013.pdf
  2. 2,777 Visits
    Find Similar Topics
  3. 2 Comments so far...

  4. 0
    Quote from GrnTea
    ii. Summary of Major Provisions
    This omnibus final rule is comprised of the following four final rules:
    1. Final modifications to the HIPAA Privacy, Security, and Enforcement Rules
    mandated by the Health Information Technology for Economic and Clinical
    Health (HITECH) Act, and certain other modifications to improve the Rules,
    which were issued as a proposed rule on July 14, 2010. These modifications:
    Make business associates of covered entities directly liable for compliance
    with certain of the HIPAA Privacy and Security Rules’ requirements.
    • Strengthen the limitations on the use and disclosure of protected health
    information for marketing and fundraising purposes, and prohibit the sale of
    protected health information without individual authorization.
    • Expand individuals’ rights to receive electronic copies of their health
    information and to restrict disclosures to a health plan concerning treatment
    for which the individual has paid out of pocket in full.
    • Require modifications to, and redistribution of, a covered entity’s notice of
    privacy practices.
    • Modify the individual authorization and other requirements to facilitate
    research and disclosure of child immunization proof to schools, and to enable
    access to decedent information by family members or others.
    • Adopt the additional HITECH Act enhancements to the Enforcement Rule not
    previously adopted in the October 30, 2009, interim final rule (referenced
    immediately below), such as the provisions addressing enforcement of
    noncompliance with the HIPAA Rules due to willful neglect.

    2. Final rule adopting changes to the HIPAA Enforcement Rule to incorporate the
    increased and tiered civil money penalty structure provided by the HITECH Act,
    originally published as an interim final rule on October 30, 2009.

    3. Final rule on Breach Notification for Unsecured Protected Health Information
    under the HITECH Act, which replaces the breach notification rule’s “harm”threshold with a more objective standard and supplants an interim final rule
    published on August 24, 2009.

    4. Final rule modifying the HIPAA Privacy Rule as required by the Genetic
    Information Nondiscrimination Act (GINA) to prohibit most health plans from
    using or disclosing genetic information for underwriting purposes, which was
    published as a proposed rule on October 7, 2009.

    You can read the whole 563 pages if you like at
    http://www.workplaceprivacyreport.co...2001172013.pdf
    Thanks for the update GrnTea.
  5. 0
    Periodic bump.


Top