What is the Omnibus Rule for HIPAA?

Breaking Down HIPAA Rules and Regulations: The Omnibus Rule

By Elizabeth Snell

February 20, 2015 - As healthcare organizations continuously update their systems and implement the latest tools to improve patient care, it is important for providers to remain mindful of all HIPAA rules and regulations. Starting this week, HealthITSecurity.com will dive deep into different aspects of HIPAA, and explain how the legislation affects different players in the healthcare industry. We will break down the HIPAA Privacy Rule, the HIPAA Security Rule, and also explain any changes or adjustments that have recently taken place.

Be sure to check back in regularly to ensure that you remain up to date on HIPAA and understand how it applies to your organization, employees, and your facility’s policies and procedures.

The Omnibus Rule

We start this new review by looking at the HIPAA Omnibus Rule, which was finalized in January 2013 and went into effect on March 26, 2013. The update improved patient privacy protections, gave individuals new rights to their health information, and also strengthened the government’s ability to enforce the law.

Four final rules combine to make up the final Omnibus Rule:

  • Final modifications were made to the HIPAA Privacy, Security, and Enforcement Rules
  • Changes were made to the HIPAA Enforcement Rule to incorporate the increased and tiered civil money penalty structure provided by the HITECH Act
  • Changes were made on Breach Notification for Unsecured Protected Health Information under the HITECH Act
  • Final modifications were made to the HIPAA Privacy Rule as required by the Genetic Information Nondiscrimination Act (GINA) to prohibit most health plans from using or disclosing genetic information for underwriting purposes

An important aspect of the Omnibus Rule was that there was a transition period – covered entities and their business associates had time to make necessary changes so that they could still fulfill their breach requirements under the HITECH Act.

…the provisions of section 13402(j) of the HITECH Act apply to breaches of unsecured protected health information discovered on or after September 23, 2009, the date of the publication of the interim final rule. Thus, during the 180 day period before compliance with this final rule is required, covered entities and business associates are still required to comply with the breach notification requirements under the HITECH Act and must continue to comply with the requirements of the interim final rule.

Key changes from the Omnibus Rule

Another important change that took place because of the Omnibus Rule was that several aspects of health information were redefined. For example, the definition of “electronic storage material” was changed to “electronic media.” This was done to better accommodate any future changes and developments in digital storage technology.

“Electronic storage material on which data is or may be recorded electronically, including, for example, devices in computers (hard drives) and any removable/transportable digital memory medium, such as magnetic tape or disk, optical disk, or digital memory card,” the Rule states.

The definition of protected health information (PHI) also received a slight modification. Essentially, the Omnibus Rule states that the Privacy Rule does not trump “State or other laws that provide greater protection for such information, or the professional responsibilities of mental health or other providers.”

How HIPAA rules apply in certain territories was also clarified in the final Rule:

State refers to one of the following:

(1) For a health plan established or regulated by Federal law, State has the meaning set forth in the applicable section of the United States Code for such health plan.

(2) For all other purposes, State means any of the several States, the District of Columbia, the Commonwealth of Puerto Rico, the Virgin Islands, Guam, American Samoa, and the Commonwealth of the Northern Mariana Islands.

There were also key changes to the HIPAA rules in terms of how covered entities and their business associates interact. Many of the requirements for business associates were expanded. For example, the definition of a BA was extended to include subcontractors working with BAs and Health Information Organizations, e-prescribing gateways, or any other entity that touches or transmits PHI. Moreover, these organizations are liable for PHI uses and disclosures and HIPAA Security Rule compliance.

Additionally, BAs must enter into business associate agreements with their subcontractors, while BAs – not covered entities – are also now responsible for responding to any noncompliant subcontractors. The chain of responsibility must be documented. Essentially, any organization that touches PHI needs to have a business associate agreement in place.

Better PHI protection

The Omnibus Rule was designed to further enhance the already existing HIPAA rules and regulations. As technology changes, and covered entities and their associated BAs implement new systems, the Omnibus Rule can now account for that. There are many aspects of the new Rule and HIPAA that covered entities need to thoroughly understand. Be sure to check in next week to read more about HIPAA rules, the Omnibus Rule, and how they affect your organization.

 


What do you mean by Omnibus Rule?

Omnibus Rule means the regulations promulgated under HIPAA by the United States Department of Health and Human Services to protect the privacy and security of Protected Health Information and Electronic Protected Health Information including the Privacy, Security, Breach Notification, and Enforcement Rules at 45 CFR ...

Which of the following occur as a result of the Omnibus Final Rule?

Its Omnibus Final Rule, which took effect September 23, not only enhances patient privacy protections but also provides individuals with new rights to their health information and reinforces the government's ability to enforce the law. The changes offer the public increased protection and control of PHI.

Which is a change made to HIPAA by the Omnibus Rule of 2013?

The Omnibus Rule modified the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and the Enforcement Rule to implement statutory amendments under the Health Information Technology for Economic and Clinical Health Act ("the HITECH Act") to strengthen the privacy and security protection for ...