Although Tuesday is the effective date for multiple new rules that expand and update HIPAA provisions, compliance for the majority of the new rules’ provisions will not be required for another six months, Modern Healthcare reports (Conn, Modern Healthcare, 3/25).
Background
The final omnibus rule — which includes four final rules that implement tougher privacy and security provisions — was called for under the 2009 federal economic stimulus package’s HITECH Act and the Genetic Information Nondiscrimination Act. The rules:
Compliance for New Provisions
Angela Dinh Rose — director of health information management practice excellence at the American Health Information Management Association — said the compliance date for most of the rules’ provisions is Sept. 23.
Entities that already had a HIPAA-compliant agreement with a business associate prior to the rules’ official publication date of Jan. 25 will be granted a one-year grace period, as long as the contract does not require renewal between March 26 and Sept. 24.
Out-of-Pocket Provision Could Be a Challenge
According to Modern Healthcare, one of the biggest challenges under the rules is a provision allowing patients to request that insurers not be informed of treatments that are paid for out-of-pocket.
Dinh Rose said training staff and implementing new systems capable of complying with that provision will be “an operational challenge and a system challenge.”
The Department of Veterans Affairs, HHS’ Substance Abuse and Mental Health Services Administration and other groups already have developed a system that will allow such records to be blocked (Modern Healthcare, 3/25).
Source: iHealthBeat
Comments are closed.
Copyright 2015 - Pulse Practice Solutions | 615.425.2719