The HIPAA Omnibus Update rules contain numerous changes to HIPAA Privacy rule, Security, and Breach Notification Rules that will need to be reflected in every health care-related organization’s policies and procedures. Several policies and procedures will need to be reviewed and updated to meet the new requirements. Some of the most significant changes have to do with changes to individual rights under HIPAA that must be reflected in an entity’s HIPAA policies and Notice of Privacy Practices (NPPs). All HIPAA Covered Entities should have updated policies, procedures, and Notices of Privacy Practices to reflect the changes by September 23, 2013. Violations are subject to enforcement that can include fines up to $50,000 per day.
The new HIPAA policy has included—new requirements of fundraising activity and an opportunity to opt out, new requirements for individuals to provide authorization for the sale of PHI, new rights of access to electronic records, new rights to restrict certain disclosures, and rights of notice in the event of a breach. Health Plans also have changes related to the Genetic Information Nondiscrimination Act (GINA) that must be reflected in their policies and notices.
Reimbursed marketing activity that may have been permissible without authorization from the individual under the old rules now requires authorization, and no longer needs to be specifically listed in the NPP. Policies on HIPAA Breach Notification and incident handling need to reflect the new way of determining whether or not a breach is reportable. And HIPAA Business Associates are now covered under the regulations, requiring them to have a full set of HIPAA policies in place, and covered entities’ policies should reflect the change.
Sign up for this HIPAA compliance program presented by Jim Sheldon-Dean to get insights on the new HIPAA rights and regulations. Jim will acknowledge the areas where the current rights need to be modified and discuss the information that needs to be added or removed to meet the recent requirements most efficiently and economically.
This one of a kind session, will cover:
Who Should Attend? Compliance Manager, HIPAA Officer, Chief Information Officer, Health Information Manager, Medical Office Manager, Medical Practice Lawyer, CFO, CEO, COO. Privacy Officer, Information Security Officer
- Jim Sheldon-Dean
Jim Sheldon-Dean is a healthcare compliance and HIPAA expert in the areas of privacy and security regulatory compliance and business process analysis. He is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of healthcare entities. Jim is a frequent speaker regarding HIPAA...
More Events By The Speaker