How to Deal With the New HIPAA Rule Requirements?

Since its January release, the updated Health Insurance Portability and Accountability Act (HIPAA) Omnibus Rule has been causing more than a few headaches in the healthcare community.  Organizations have scrambled to comply with the new requirements, including the stipulation that all business associates also be fully HIPAA-compliant, by the quickly approaching September 23 deadline—which many seem unlikely to meet.

But as Fierce Health IT senior editor Dan Bowman writes in a recent editorial, despite the stress involved in the rush to comply, there are ways of making the process easier.  “Don’t let HIPAA ruin your life,” Bowman encourages organizations.  “Compliance isn’t a lost cause.”

Bowman first notes that the Department of Health and Human Services has given organizations little time to ensure compliance with the new rule.  What’s more, the agency “says it will take healthcare organizations a shade under 33 million hours to comply,” which amounts to a staggering “3764.5 years.”  Given the tight deadline, full compliance would seem to be a near-Olympian feat for most organizations.  Beyond that, Bowman comments that smaller organizations are particularly struggling with the process.  “Questions by smaller providers such as physician’s groups, nursing homes and home health organizations continue to linger about liability concerns,” he notes.

However, Bowman also points out that there are a variety of ways in which organizations can seek help with the HIPAA compliance process.  HHS, for its part, “is offering guidance and technical assistance to covered entities, as well as business associates, with such concerns,” per Bowman.  Other groups have also developed guidelines for their members; the American Medical Association, for example, has provided a free online “HIPAA privacy and security toolkit” for providers.

Ultimately, in Bowman’s view, once the stress of compliance lessens, the new rule will be a good thing for the American healthcare system—particularly in the area of patient privacy.  As one healthcare executive interviewed for the article put it, “the updated guidelines ultimately enhance the ability for providers to maintain patient trust.”  This, of course, is key to care delivery.

“Trust is critical to the work we do, and patient information is critical to the delivery of healthcare,” the executive told Bowman. “If we lose that trust, how can we deliver healthcare to them effectively?”

Click here for the article from Fierce Health IT on the new HIPAA rule requirements.

Click here for the  American Medical Association HIPAA Toolkit on HIPAA rule requirements.



Leave a Reply