Identity Theft Solution
Hospitals, health plan sponsors, health care providers, and their vendors need to act immediately to meet the new rules introduced by the Health Information Technology for Economic and Clinical Health Act (HITECH). HITECH (enacted as part of the American Recovery and Reinvestment Act of 2009) makes significant changes to HIPAA, including changes that subject various vendors directly to privacy and security requirements and require notice to individuals whose information is affected by a breach of privacy.
By February 17, 2010, health plan sponsors and health care providers should review and update their HIPAA forms to comply with the HITECH rules concerning such things as:
- Internal policies and procedures
- Notice of privacy practices
- HIPAA plan amendments
- Agreements with vendors (business associates) who handle individually identifiable health information
Business associates under HIPAA will, for the first time, be directly subject to a number of HIPAA’s privacy requirements and virtually all of its security requirements. If your organization is a covered business associate, you will need to make sure that you have the necessary documentation in place to comply with the applicable rules and designate a Security Official.
On February 22, 2010, the new HITECH Act breach notification requirements become enforceable. Hospitals, health plans, health care providers, and business associates will need to be alert for potential data breaches. Each may be required to act immediately in the event of a breach that ultimately requires notice to affected individuals, the U.S. Department of Health and Human Services, and, if the breach impacts 500 or more people, local media.
All organizations covered by the new regulations will need to make sure that appropriate procedures are in place before breaches occur to allow enough time to investigate that breach and produce and deliver appropriate notices within the prescribed period. Training for relevant members of the workforce is also required.
Similar Posts:
- Healthcare Debate Gets into Data Breach Provisions
- Medical IDT
- Identity Theft, Data Breaches and Non-Compliance with Government Regulations is a Growing Epidemic in Healthcare
- Personal Medical Records of 1.7 Million Stolen
- Confusing and Ineffective Data Breach Regulations Cause Problems for Both Businesses and Consumers
Search
Popular Posts
- 10 Unbelievable Yet True Identity Theft Stories
- Who Can You Trust? A Dispatch from the Online Trust & Cybersecurity Forum: The DNA of Trust
- Child ID theft detection and protection
- Microsoft Live ID Phishing Illustrates the Dangers of Federated Identity
- Almost 100 people charged in US and Eygiptian ID Theft Ring
- RSA 2011 Guest Post: Whose Fault is it that I Did Not Know it Was Not You? A Mock Hearing Panel
- Change your Passwords- Accounts Compromised and Good Practice
- LifeLock reviews: My firsthand account
Similar Posts
- Healthcare Debate Gets into Data Breach Provisions
- Medical IDT
- Identity Theft, Data Breaches and Non-Compliance with Government Regulations is a Growing Epidemic in Healthcare
- Personal Medical Records of 1.7 Million Stolen
- Confusing and Ineffective Data Breach Regulations Cause Problems for Both Businesses and Consumers
Tag cloud
Useful Resources
Archives
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
Leave a reply