A Detailed Analysis of Changes to HIPAA and the Implications for Healthcare Providers and Others in the Healthcare Industry

more+
less-

On Friday, January 25, 2013, the Office for Civil Rights ("OCR") of the U.S. Department of Health and Human Services ("HHS") published a final rule modifying the HIPAA Privacy, Security, and Enforcement Rules (the "Final Rule") as mandated by the Health Information Technology for Economic and Clinical Health ("HITECH") Act. Many of these modifications were set forth in a Notice of Proposed Rulemaking ("NPRM") dated July 14, 2010, although the Final Rule does not adopt all the proposals as described in the NPRM.
The Final Rule also modifies the Breach Notification Rule, which has been effective as an interim final rule since September 23, 2009. Finally, the Final Rule strengthens privacy protections for certain genetic information under the Genetic Information Nondiscrimination Act ("GINA").
The Final Rule makes significant changes to HIPAA and the potential penalties for violating HIPAA. The Final Rule also expands the scope of HIPAA, meaning that some businesses that were not subject to HIPAA before the Final Rule now have HIPAA compliance obligations and can be subject to enforcement action for noncompliance. Healthcare providers and others in the healthcare industry should be aware of these changes and how they will apply to their particular business.
The Final Rule is effective on March 26, 2013, and Covered Entities and Business Associates must comply with the Final Rule by September 23, 2013.
Click each subheading below for a detailed summary of some of the key provisions of the Final Rule:
If you have any questions about the Final Rule or HIPAA please contact Jill M. Girardeau, the principal drafter of this alert, Sarah B. Crotts, Deonys de Cárdenas, Tracy Field, or any member of Womble Carlyle's Healthcare Industry Team.

 

Written by:

Published In:

OCR

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Womble Carlyle Sandridge & Rice, LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.
×
Loading...
×
×