The Office of Civil Rights (OCR) released the long awaited final regulations that affect four things; the privacy law, the security law, the HITECH rules and Genetic Information Nondiscrimination Act (GINA). These become effective September 23, 2013. These mean big changes to hospitals. This document was 563 pages long and is referred to as the mega rule. Hospitals will need to rewrite some of their policies and procedures. Staff will need to be educated.
Hospitals will need to revise their Notice of Privacy Practice which is provided to patients. Hospitals will need to revise their Business Associate (BA) agreements. Additional resources will be provided on this issue. The penalties have been increased. The kid gloves have come off and now it is more important than ever that every hospital ensure compliance with the new HIPAA regulations.
The Office for Civil Rights has issued a number of guidance notices in addition to the some model notices of privacy practices. This includes a new guidance on the following: marketing and refill reminders, decedents, and immunizations. OCR also issues a HIPAA Law Enforcement Guide and a sample business associate contract.
There are many changes to the HITECH law including the new standard that will replace the "harm standard." Changes have been made for the use and disclosure of medical record information, commonly referred to as protected health information (PHI). Changes have been made to fundraising research authorization and expanded protection for the medical records or PHI of a patient who is deceased
Why should you attend:All hospitals and other healthcare providers and entities must be compliant with the HIPAA regulations. This includes compliance with recent changes in privacy, security, HITECH (breach notification law) and the Genetic Information Nondiscrimination Act (GINA). The government has taken the kid gloves off when it comes to HIPAA. There are new penalties and OCR now has staff that go out and audit to ensure compliance.
Areas Covered in the Session: