HIPAA Final Rule: Business Associate Notification Timing, Policy and Procedure Updates, Retraining, and Documentation

February 1, 2013.  Today, we wrap up discussion of breach notification in the Final Rule: Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the Health Information Technology for Economic and Clinical Health Act [HITECH Act] and the Genetic Information Nondiscrimination Act; Other Modifications to the HIPAA Rules.  The Final Rule is effective on March 26, 2013, and requires compliance by covered entities and business associates on September 23, 2013.  The focus is on timing of reporting a breach by a business associate to a covered entity, and, because the definition of breach was modified in the Final Rule, on the requirements to update policies and procedures,…

READ MORE

Exploring HIPAA and HITECH Act Definitions: Part 5

From now through November, HIPAA.com is providing a run through of HIPAA transaction & code set, privacy, and security definitions, along with relevant HITECH Act definitions pertaining to breach notification and securing of protected health information. These definitions are key to understanding the referenced HIPAA and HITECH Act enabling regulations that are effective now and that will require compliance by covered entities and business associates now or in the months ahead, as indicated in HIPAA.com’s timeline. Each posting will contain three definitions, with a date reference to the Federal Register and citation to the Code of Federal Regulations (CFR).  We begin the first series of postings with definitions from “Health Insurance…

READ MORE

Exploring HIPAA and HITECH Act Definitions: Part 4

From now through November, HIPAA.com is providing a run through of HIPAA transaction & code set, privacy, and security definitions, along with relevant HITECH Act definitions pertaining to breach notification and securing of protected health information. These definitions are key to understanding the referenced HIPAA and HITECH Act enabling regulations that are effective now and that will require compliance by covered entities and business associates now or in the months ahead, as indicated in HIPAA.com’s timeline. Each posting will contain three definitions, with a date reference to the Federal Register and citation to the Code of Federal Regulations (CFR). We begin the first series of postings with definitions from “Health…

READ MORE

Exploring HIPAA and HITECH Act Definitions: Part 3

From now through November, HIPAA.com is providing a run through of HIPAA transaction & code set, privacy, and security definitions, along with relevant HITECH Act definitions pertaining to breach notification and securing of protected health information. These definitions are key to understanding the referenced HIPAA and HITECH Act enabling regulations that are effective now and that will require compliance by covered entities and business associates now or in the months ahead, as indicated in HIPAA.com’s timeline. Each posting will contain three definitions, with a date reference to the Federal Register and citation to the Code of Federal Regulations (CFR). We begin the first series of postings with definitions from “Health…

READ MORE

Exploring HIPAA and HITECH Act Definitions: Part 2

From now through November, HIPAA.com is providing a run through of HIPAA transaction & code set, privacy, and security definitions, along with relevant HITECH Act definitions pertaining to breach notification and securing of protected health information. These definitions are key to understanding the referenced HIPAA and HITECH Act enabling regulations that are effective now and that will require compliance by covered entities and business associates now or in the months ahead, as indicated in HIPAA.com’s timeline. Each posting will contain three definitions, with a date reference to the Federal Register and citation to the Code of Federal Regulations (CFR). We begin the first series of postings with definitions from “Health…

READ MORE

Exploring HIPAA and HITECH Act Definitions: Part 1

From now through November, HIPAA.com is providing a run through of HIPAA transaction & code set, privacy, and security definitions, along with relevant HITECH Act definitions pertaining to breach notification and securing of protected health information. These definitions are key to understanding the referenced HIPAA and HITECH Act enabling regulations that are effective now and that will require compliance by covered entities and business associates now or in the months ahead, as indicated in HIPAA.com’s timeline. Each posting will contain three definitions, with a date reference to the Federal Register and citation to the Code of Federal Regulations (CFR). We begin the first series of postings with definitions from “Health…

READ MORE