HIPAA Final Rule The HIPAA Final Rule, released January 17, 2013, taking effect March 26, 2013, must be implemented by Covered Entities and Business Associates by September 23, 2013, which has already passed. One requirement is to train all workforce members. Even those familiar with HIPAA policies will need retraining, according to HHS Office of
The Violation Concentra Health Services has been fined approximately $1.7 million and Arkansas insurer QCA Health Plan Inc. $250,000 by OCR for stolen laptops containing unencrypted Protected Health Information (PHI). (Stolen laptops lead to important HIPAA settlements). According to OCR, both Organizations demonstrated long-term non-compliance with HIPAA. Along with the fines, both organizations have committed
HIPAA or the Health Insurance Portability and Accountability Act is a set of rules and regulations that has historically applied to Covered Entities (CEs) such as health care providers that engage in standard electronic transactions, health plans, and health care clearinghouses to help protect patient’s medical information typically known as Protected Health Information (PHI). As
As you should know, HIPAA security and privacy practices must be followed without exception. In a recent article posted in Reneal & Urology News a fax containing medical information was sent to the patients employer instead of his doctor. The patient had HIV and now his employer knew. The patient was very upset and notified
Medical practices that do not take proactive steps towards becoming HIPAA compliant do so with great risk, and sometimes are being misguided about a mandate to be compliant. Here are 12 common misconceptions about HIPAA you must be aware of: 1. “I can’t afford being compliant.” Yes, you may need to spend money to
The regulations known as the HIPAA/HITECH Omnibus Final Rule went into effect in late March 2013, with an 180-day safe harbor compliance period ending on September 23, 2013. While new rules do not drastically change HIPAA/HITECH compliance obligations for medical services and healthcare providers, big changes come to Business Associates – such as third-party administrators,
As announced in HHS press release last week, the managed care company WellPoint Inc. has agreed to pay the U.S. Department of Health and Human Services (HHS) $1.7 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules. This case sends an important message to
The Omnibus Final Rule took effect on January 17th, 2013, setting September 23rd as a deadline for regulations compliance. Not all medical practices are ready. With only 2 months left until the compliance due date, it is critical to review your Practice’s processes to analyze compliance readiness and to ensure the new HIPAA and HITECH
