Final HIPAA Privacy and Security Rule: On January 17, 2013, the Department of Health and Human Services (HHS) released the final rule modifying the Health Insurance Portability and Accountability Act (HIPAA) regulations. This rule strengthens the privacy and security protection for an individual’s health information and incorporates changes mandated by the Health Information Technology for Economic and Clinical Health Act (HITECH Act) and the Genetic Information Nondiscrimination Act of 2008 (GINA).
Compliancedashboard will address this final rule in a series of compliance activities designed to inform employers of actions they should take to comply with the final regulation.
- The first activity lists changes that will impact the Business Associate Agreement for employers that use business associates. This activity (Amend BA Agreements) has been posted to the Dashboard.
- The second activity will describe amendments that employers may need to make to their privacy notice. This activity will also include a sample notice.
- The third activity will explain changes to the breach notification process.
The last two activities will be posted to the Dashboard over the next several weeks. As with all compliance activities, Compliancedashboard users will receive an email reminding them to complete these activities. A Compliancedashboard login will be required to access this information.