HIPAA HITECH Act

The Health Insurance Portability and Accountability Act (HIPAA) was signed into law in 1996 and has two main purposes: to provide continuous health insurance coverage for workers who lose or change their job, and to reduce the administrative burdens and cost of healthcare by standardizing the electronic transmission of administrative and financial transactions. Other goals include combating abuse, fraud, and waste in health insurance and healthcare delivery and improving access to long-term care services and health insurance.

The Department of Health and Human Services expanded the act when it published the HIPAA omnibus rule in 2013 to implement modifications to HIPAA in accordance with guidelines set in 2009 by the Health Information Technology for Economic and Clinical Health (HITECH) Act.

These guidelines concern the responsibilities of business associates of covered entities. The omnibus rule also increased penalties for HIPAA compliance violations to a maximum of $1.5 million per incident.

The purpose of the HITECH Act was to promote the adoption and meaningful use of health information technology. Subtitle D of the HITECH Act discusses the privacy and security concerns associated with the electronic transmission of health information, civil and criminal penalties in the event of a data breach, breach notification procedures and accounting of disclosures of a patient’s health information.

The Rubicon Advisory Group can assist your organization in addressing any potential noncompliance issues and in demonstrating how you manage HIPAA & HITECH requirements during daily operations. These can include:

  • Demonstrating where PHI resides at rest
  • How PHI is securely transmitted
  • How PHI is protected when accessed
  • Logical access to PHI (internal to the organization, Business Associates, and external vendors)
  • Development and implementation of an incident response plan

If you have any questions or concerns about your ability to demonstrate compliance, please call us at (855) 4-NO-RISK for a free consultation on how our expertise can ensure you get out ahead of any risks to your organization and assure compliance.