Categories

• Automation
• Compliance
• Consolidation
• Data Protection
• Networking News
• News
• RAID
• Security News
• Sencilo News
• Storage News
• Uncategorized
• Vendor News
• Virtualization

Archived by Date

• June 2011
• May 2011
• April 2011
• March 2011
• January 2011
• December 2010
• November 2010
• October 2010
• September 2010
• August 2010
• July 2010
• June 2010
• May 2010
• April 2010
• March 2010
• February 2010
• January 2010
• December 2009
• November 2009
• October 2009
• September 2009
• June 2009
• May 2009
• April 2009
• March 2009
• February 2009
• January 2009
• December 2008
• November 2008
• October 2008
• September 2008
• August 2008
• July 2008
• June 2008
• May 2008
• April 2008
• March 2008
• February 2008
• January 2008

The Impact of Recent HIPAA Changes - July 5, 2010

Orlando Florida
by Kate Romanow


The Health Information Technology for Economic and Clinical Health (HITECH) Act, part of the American Recovery and Reinvestment Act of 2009, contains a number of changes to the regulations of the Health Insurance Portability and Accountability Act (HIPAA). To remain HIPAA-compliant, speech-language pathologists and audiologists who are "covered entities" (health care providers who conduct certain financial and administrative transactions electronically) should be aware of several HIPAA changes now in effect.

Security Breach Notifications
A covered entity must notify affected individuals following the discovery of a breach of unsecured protected health information (PHI). If a covered entity discovers a breach, it must provide written notice to the individual without "unreasonable delay" and within 60 days after the discovery of the breach. A business associate must follow the same timeline to notify the covered entity when it discovers a breach. To learn more about what constitutes a breach and unsecured PHI, go to ASHA's Advocacy Web site.

Right to Request PHI Restriction
Under HIPAA, an individual has the right to request that the covered entity restrict the use and disclosure of his or her PHI for treatment, payment, or health care operations. Prior to the HITECH Act provisions, a covered entity did not have to agree to a restriction; now, however, if an individual pays for a service out-of-pocket, the covered entity must grant the individual's request for restrictions on the use and disclosure of PHI related to that service for payment or health care operations.

Business Associates
The HIPAA security standards that apply to covered entities also now apply to business associates (individuals or corporations that perform any function involving the use or disclosure of PHI on behalf of the covered entity and are not a member of the covered entity's workforce). Previously, business associates were liable for breach of contract only if they did not comply with certain security requirements included in the business associate agreement. Now, business associates are required to comply with the HIPAA security standards and are subject to the same criminal and civil penalties that apply to covered entities if they do not. These new requirements must be added to the business associate agreement.

Business associates also are required to comply with the privacy obligations outlined in the business associate agreement. If a business associate violates those privacy provisions, the business associate is not only liable for a breach of contract, but also is subject to civil and criminal penalties.

Finally, if a business associate becomes aware that the covered entity has breached its obligations under the business associate agreement, the business associate must take steps to cure the breach. If this is not possible, the business associate must then either terminate the agreement or report the covered entity to the Department of Health and Human Services. (The covered entity already has the same obligation regarding a business associate's breach of the agreement.) The business associate agreement should be amended to reflect this new obligation.






Kate Romanow, director of health care regulatory advocacy, can be reached at kromanow@asha.org.




ShareThis
Share This Page

Print This Page
Advertisement



Advertise With Us




----------
For more information please call (407) 494-4EHR (4347) or visit us at: http://www.sencilo.com and let us "Uncomplexify your Information
Technology"

Sencilo HealthIT Solutions eHealthcare Architecture: More than technology With Sencilo HealthIT Solutions eHealthcare Architecture, you can leverage the same productivity tools and technology resources that have transformed business. And you get a full portfolio of services too. By working with Sencilo HealthIT Solutions, you can get:

A dedicated customer team
A website customized for your institution
A full portfolio of robust solutions
Easy setup, implementation and maintenance
Simple ordering and delivery
Technology training
Flexible financing options


Sencilo HealthIT Solutions Professional Services makes it easy.

In addition to providing high-quality technology at a low cost, Sencilo HealthIT Solutions Professional
Services can help you plan your healthcare computing from the ground up. By working with you from the initial construction phases, we can help you save time and money and lead to a truly customized solution.

Sencilo HealthIT Solutions Professional Services offers complete services that include:
Design
Procurement
Installation
Training
Maintenance
Support

About Us

Sencilo HealthIT Solutions is a Florida-based integrator specializing in EHR Cost Cutting storage, security and managed services solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including Allscripts, VMware, Dell Fujitsu EMC, Hitachi, Symantec, IBM, HP, Cisco, Microsoft, Gateway Sencilo has offices throughout Florida including: Orlando Lake Mary Daytona, Medical City solutions include Security "meaningful use" "meaningful usage" EMC HP IBM Quantum Compliance Gartner Magic Quadrant Quadrent LTO Daytona Beach Deland Melborne Tampa Clearwater, Dragon, Voice Recognition, Dragon Dictation
Network Backup appliance Data Recovery Backup Health IT Healthcare IT Digital Hospital Allscripts Patient Data electronic health record P4P rules and the HITECH Act PayerView Rankings practice management tools $44,000 in Medicare or $66,000 in Medicaid from the American Recovery and Reinvestment Act eClinicalWorks, Allscripts, NextGen, GE Centricity, and Meditech Electronic Healthcare IT Medical Records EHR Clinical Practices eClinicalWorks Allscripts Florida EMR, EHR, electronic medical record, health, records, practice management systems solutions, medication services, PHR Otolaryngology, Orthopaedics, pediatrics, eprescribe, dermatology, electronic documention, CCI edits, CPT codes, ICD 9 Codes, ICD 10 codes, comploiance, electronic medical records, Pain Nuerosurgery, Urology, Ophthalmology, Cardiology, Billing, Appointment Scheduling, clinicalworks, eClinicalWorks, solutions for physicians, hospitals, clinical education and medical services Computerized Patient CPR, Order Entry, CPOE, Document Clinical Information Informatics, Computer-based, SOAP, HIT, Healthcare Encounter Forms, web based, online, clinical rules database, electronic prescribing, e-prescribing, eprescribing, athenaClinicals, certified EMR, certified EHR, HITECH Act VAR Reseller Dealer hipaa privacy doctor, healthcare performance management, data security, hosting, arra, free, InterFAX, MyWay, HIPPA, EasyPayMedicare, MedicAID, SureScripts, FNC, billing, superbill iMedica Tiger on Windows, eprescribe pqri simple practice management revenue cycle e-cw e-clinicalworks greenway emds nextgen ge sage athena epic klas Dragon NaturallySpeaking speech recognition Google Health, Microsoft Healthvault Health Internet certified "meaningful use" violations HealthPresence Health Presence Sencilo “transformative” telemedicine medicaid medicare Seminole County Medical Society Orange county Orlando Medical News Trusted Advisor e-Prescription e-Rx CareTracker paperless scanning document storage hippa audits iscribe document scanning fi-6130 fi-6040 CCHIT ARRA surescript