As mentioned time and time again in this blog, HIPAA compliance is important and, with the growth in health IT, medical providers need to ensure that their digital health records are protected through appropriate safety and security measures.
MedCity News reported that the long-awaited HIPAA Omnibus Rule has been finalized by the Office for Civil Rights (OCR). The Office of Management and Budget will have to give its approval before the new rulings go into effect and are published in the Federal Register.
Susan McAndrew, the deputy director for health information privacy at OCR, said that these new amendments will affect HIPAA privacy and security rules as well as create more options for data breach notifications and stronger penalty enforcement. Along with these changes, there will be modifications to expand the Information Nondiscrimination Act.
"In light of this rule, the healthcare industry needs to educate patients with regard to their privacy and disclosure rights," the news source explained. "Patients should know how their information is used and disclosed, and how to submit complaints pertaining to privacy violations. Similarly, healthcare providers should also strive to better understand HIPAA requirements so that they are aware of their obligations."
HITECH Answers reported that the ONC's Office of the Chief Privacy Officer will be providing guidelines for medical providers on the privacy and security measures necessary to reach meaningful use requirements and ensure their health IT products are up to standard. The guidelines include information on meaningful use, security risk analysis, healthcare management tips, health IT vendor data and EHR privacy and security resources.
Medical providers who are looking to remain HIPAA compliant should confer with healthcare IT consulting professionals with vast experience in proper security measures for the medical sphere.