HIPAA and HITECH Proposed Regulations Released

Posted by Jason Greis on August 6, 2010 under Articles | Be the First to Comment

Summary of Proposed Changes to Privacy, Security and Enforcement Rules Read More...

HHS Issues Regulations Regarding Notification of Breaches of Unsecured Protected Health Information

Posted by Jason Greis on August 26, 2009 under Articles | Be the First to Comment

On Aug. 24, 2009, the U.S. Department of Health and Human Services (HHS) published interim final regulations (the Rule) governing notification of breaches of unsecured protected health information (PHI) by HIPAA-covered entities and business associates. The Rule is one of several sets of regulations mandated by the Health Information Technology for Economic and Clinical Health Act (HITECH Act), enacted on Feb. 17, 2009, as a part of the American Recovery and Reinvestment Act of 2009 (ARRA). The Rule will be effective on Sept. 23, 2009. Read More...

Stimulus Legislation Expands Privacy Regulation for Health Care Businesses

Posted by Jason Greis on March 2, 2009 under Articles | Be the First to Comment

Health care providers and any businesses that provide information technology services for them will be subject to much greater regulation of their information security practices as a result of a major component of the recent economic stimulus legislation. Known as the Health Information Technology for Economic and Clinical Health Act (or the “HITECH Act”), this portion of the federal economic stimulus package is the most expansive modification to the federal privacy and security rules for health-related businesses since the 1996 enactment of HIPAA. Read More...

Federal Stimulus Bill Significantly Expands the Scope of HIPAA’s Privacy and Security Requirements

Posted by Jason Greis on February 24, 2009 under Articles | Be the First to Comment

On February 17, 2009, President Barack Obama signed the American Recovery and Reinvestment Act of 2009 (the “ARRA”), commonly referred to as the federal stimulus bill. The ARRA contains several provisions — intended to promote the use of health information technology — that would significantly expand the scope of the privacy and security requirements of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). These changes, summarized below, include: Read More...

HIPAA Impact on Electronic Health Records (8/21/08)

Posted by Jason Greis on December 8, 2008 under Articles | Be the First to Comment

An increasing number of hospitals and other health care facilities are providing physicians with access to software and other assistance relating to the implementation of electronic health records (“EHR”) systems. These entities which are considered covered entities by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), find it difficult to reconcile the open access of many EHR systems to the HIPAA obligations of a covered entity to secure and to protect the confidentiality of protected health information (“PHI”). HIPAA regulations require that covered entities implement administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the electronic PHI that it creates, receives, maintains, or transmits. This article provides guidelines to assist hospitals and health care facilities who provide EHR technology to physicians or certain of their representatives on how to incorporate EHR systems with the HIPAA requirements. Read More...