The healthcare organizations need to reflect the revamped HIPAA Omnibus rules in their policies and procedures. Although, the new rules cover various changes to HIPAA Privacy rule, Security, and Breach Notification Rules but the most notable changes happened in the individual rights that must be reflected in an entity’s HIPAA policies and Notice of Privacy Practices (NPPs). The new HIPAA policy covers— new requirements of fundraising activity and a chance to opt out, new requirements for individuals to provide authorization for the sale of PHI, patient rights of access to electronic records, rights to limit certain disclosures, and rights of notice in the event of a breach. The updated rules are very stringent and breaches are subject to enforcement that can include fines up to $50,000 per day.
Although the new rules hold the covered entities responsible for protecting patients' health information, some healthcare organizations are making the same mistakes again and again. Recently, a hospital in Alhambra, Calif., AHMC healthcare informed 729,000 patients that their PHI has been stolen following the theft of two unencrypted laptops. Apparently, AHMC hospital breach is one of the major HIPAA privacy breaches reported in 2013 and the 11th biggest HIPAA breach till date. A recent survey shows that many healthcare organizations have been struggling to comply with HIPAA. In 2013, there has been a 138 percent increase in personal health information breaches. The Office for Civil Rights has promised an increase in investigations and penalties for entities that have failed to take patient privacy seriously.
Although the new rules hold the covered entities responsible for protecting patients' health information, some healthcare organizations are making the same mistakes again and again. Recently, a hospital in Alhambra, Calif., AHMC healthcare informed 729,000 patients that their PHI has been stolen following the theft of two unencrypted laptops. Apparently, AHMC hospital breach is one of the major HIPAA privacy breaches reported in 2013 and the 11th biggest HIPAA breach till date. A recent survey shows that many healthcare organizations have been struggling to comply with HIPAA. In 2013, there has been a 138 percent increase in personal health information breaches. The Office for Civil Rights has promised an increase in investigations and penalties for entities that have failed to take patient privacy seriously.
