March 27, 2013
This is a repeat of an event originally broadcast March 19.
On Jan. 17, 2013, the federal government released the long-awaited HITECH Act Omnibus Final Rule, clarifying the HIPAA compliance obligations of healthcare providers, health plans and their business associates. The HITECH Act significantly expanded the reach of HIPAA by imposing compliance obligations on a broad array of downstream entities not traditionally viewed as healthcare companies, by requiring the reporting of data breaches, and by significantly increasing the civil and criminal penalties for violations of HIPAA.
The HITECH Act also changed the enforcement climate. Recent investigations by the Office for Civil Rights (OCR) signal a dramatic shift in the government’s approach to enforcement, from a reactive approach focused on education to a proactive approach in which covered entities and business associates of all sizes are expected to achieve and sustain compliance. In addition, the OCR has implemented a new audit program, through which the HIPAA compliance status of selected covered entities and business associates will be evaluated.
Topics
Speakers