Health-related technology has developed light-years faster than health information privacy and security protection laws and policies, and consumers can find new mobile health applications for a wide range of purposes ranging from diabetes management to mole or rash evaluation to fitness tracking.
HIPAA 2015 Enforcement Priorities Highlight Cyber Threats, but Timing of HIPAA Compliance Audits Still Uncertain
On January 13, 2015, Jocelyn Samuels, director of the Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services, briefed reporters on the agency’s HIPAA enforcement priorities, noting a focus on threats to electronic health information, or ePHI.
Normally I do not like to comment on cases that are not final or court opinions that do not have a definitive outcome on a case. But this is an exception because of the topic, which is HIPPA and privacy, which can get overlooked too frequently.
Under HIPAA rules, covered entities are required to report breaches of unsecured protected health information (PHI) to the Secretary of the Office of Civil Rights (OCR). The deadline for reporting breaches of PHI discovered during 2014 that affected fewer than 500 individuals is March 1, 2015.
As we reported, state Attorneys General have authority to enforce the privacy and security regulations under the Health Insurance Portability and Accountability Act (HIPAA), pursuant to the authority granted under the Health Information Technology for Clinical and Economic Health (HITECH) Act.
Medicare beneficiaries whose healthcare providers participate in an Accountable Care Organization (ACO) under the Medicare Shared Savings Program (MSSP) may want to add the Centers for Medicare & Medicaid Services (CMS) website, “Medicare & You”, to their lists of favorite internet links if they don’t want their Medicare claims data shared.
The New Year is here. It is time to make those 2015 resolutions, and not just those for getting fit and healthy. Resolve now to improve your organization’s compliance with the Health Insurance Portability and Accountability Act (“HIPAA”).