The Health Insurance Portability And Accountability Act

2232 Words9 Pages

The Department of Health and Human Services (HHS) indicates that HIPAA violations have been generally increasing throughout the years. Now that electronically maintained patient information exists, it has become increasingly difficult to limit information sharing in a manner that guarantees usage for its intended genesis. Personal information travels across several channels, to include healthcare providers, third party payers, and other business associates. Few controls exist to regulate how this information is maintained, or disseminated. If state law or local legislation does not forbid accessing patient health records or sharing patient information, any information held by a provider or business associate could be passed
…show more content…
Four years after HITECH, the Department of Health and Human Services (HHS) issued the Omnibus Rule to strengthen the movement toward more efficient healthcare delivery, providing national standards to protect the privacy and security of personal health information, and establishing rules governing the compliance responsibilities of covered entities (Jenkins, Merz & Sankar, 2005). The Rule took effect on March 26, 2013.
The Rule implemented changes to HIPAA’s Privacy, Security, and Enforcement Rules mandated by HITECH, modified the Breach Notification Rule, and finalized revisions to HIPAA’s Privacy Rule to strengthen protections for genetic information. It contains a preemption provision to supersede conflicting provisions of state law. The Rule requires that covered entities and business associates modify their policies to reflect these new changes and offers formal assurances to patients that entities are required to protect personal information by establishing additional standards to better manage and safeguard health information. The Rule revises provisions of older legislation to strengthen further the privacy and security protections of individuals’ personal health information. In addition, it reinforces the government’s ability to enforce penalties on all those who violate the law, proportional to the level of negligence. The Rule clarifies ambiguities in previous regulations and expands definitions as needed to ensure continuity in adherence to security
Open Document