Key Compliance Actions for the New HIPPA Privacy Regulations

Bloomberg BNA Privacy and Data Security Law Resource Center

Pamela D. Tyner, a Member of the Firm in the Houston office, and Patricia Wagner, a Member of the Firm in the Washington, DC, office, wrote an article titled "Key Compliance Actions for the New HIPPA Privacy Regulations."  Both attorneys are in the Health Care and Life Sciences practice.
Following is an excerpt:

The long-awaited final Health Insurance Portability and Accountability Act omnibus rule (''Omnibus Rule'' or the ''Rule'') issued by the Department of Health and Human Services (''HHS'') was published in the Federal Register in January 2013.1 The Omnibus Rule makes sweeping changes to the privacy and security regulations under the Health Insurance Portability and Accountability Act (''HIPAA'').

Although the Omnibus Rule took effect on March 26, 2013, affected parties have until September 23, 2013, to comply with most of its provisions. This checklist will highlight several key regulatory changes and suggested action items that entities will want to consider as they develop plans to come into compliance with the new requirements.

1. Review Business Associate Relationships and Update Business Associate Agreements

The Omnibus Rule makes a number of significant changes to the definition of a ''business associate.''2 The definition now expressly includes the following types of entities as business associates:

  1. Health information organizations, e-prescribing gateways, and entities that provide data transmission services for protected health information (''PHI'') to a covered entity and that require access to PHI on a routine basis;
  2. Entities that offer personal health records to individuals on behalf of a covered entity; and
  3. Subcontractors that create, receive, maintain, or transmit PHI on behalf of another business associate.

The attached file is reproduced with permission from Privacy Law Resource Center, BNA Insights Articles and Videos, 12 PVLR 1303, 7/29/2013. Copyright © 2013 by The Bureau of National Affairs, Inc. (800-372-1033)