Today, April 14, 2015, marks the 12th anniversary of the compliance date for the HIPAA Privacy Rules for most “Covered Entities” – healthcare providers who engage in certain electronic transactions, health plans, and healthcare clearing houses.
The American Recovery and Reinvestment Act of 2009 (ARRA) tasked the Office of Civil Rights (OCR) (the division of the Department of Health and Human Services responsible for enforcing the Health Insurance Portability and Accountability Act (HIPAA) and regulations promulgated thereto) with conducting audits of covered entities and business associates for compliance with HIPAA.
Electronic medical records provide a multitude of benefits for providers and patients by promoting efficient record access, cost savings and better patient care. So what’s the down side?
Beware Medical Records Subpoenas: Connecticut Supreme Court Issues Opinion On Negligence for Noncompliance with HIPAA Standards
Health care providers and their medical records custodians constantly find themselves under pressure to release medical records immediately upon receipt of a subpoena.
Recently, a national BlueCross BlueShield affiliate, Anthem, Inc., discovered that its information technology systems was hacked.
I posed a question in Part 1 of this post which I will summarize here: is personal health information provided to a Patient Assistance Program (PAP) in order to help with covering the cost of prescription drugs protected as “protected health information” (PHI) under HIPAA?
Patient Assistance Programs (PAPs) have proliferated in recent years, despite the fact that many commonly-prescribed medications have lost patent protection and the Affordable Care Act (ACA) has attempted to eliminate pre-existing condition discrimination by insurance companies. Still, drug costs remain unaffordable to many patients, particularly those with high-cost, chronic conditions, even when patients have insurance coverage.
Health-related technology has developed light-years faster than health information privacy and security protection laws and policies, and consumers can find new mobile health applications for a wide range of purposes ranging from diabetes management to mole or rash evaluation to fitness tracking.
HIPAA 2015 Enforcement Priorities Highlight Cyber Threats, but Timing of HIPAA Compliance Audits Still Uncertain
On January 13, 2015, Jocelyn Samuels, director of the Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services, briefed reporters on the agency’s HIPAA enforcement priorities, noting a focus on threats to electronic health information, or ePHI.