So much has happened in the past less than two years since we published the 4th edition of the Compliance Guide to HIPAA and the DHHS Regulations in the areas of technology, security, and HIPAA enforcement, both civil and criminal, that I thought that I had better write a supplement to keep all of my readers up to date. With help from Charles Penoi, whose contributions I greatly appreciate, I have finished the Supplement.
The Supplement contains the following sections of new information since the last time that we updated the Compliance Guide:
- Risks inherent in new technologies.
- Increased Department of Health and Human Services (“DHHS”) enforcement of HIPAA.
- Heightened requirements for business associates and others.
- Recent changes in transactions and code sets regulations
- Unsecured protected health information (“PHI”).
- Requirement to have a security program.
- Social media.
- Cell phones and other portable communication devices.
- Software-as-a-service (“SaaS”), virtualization, and cloud computing,
- Copy machines.
- Minimum necessary rule standard
- Disclosure to family members and others.
- Right of individuals to accounting of uses and disclosures of PHI.
- Training.
- Sanctions.
- Mitigation.
- Requirement for policies and procedures.
- National provider identifier (“NPI”).
- Unique patient identifier.
- Additions to HIPAA Compliance Checklist in the 4th edition of the Compliance Guide.
I want you to stay current on the law (we don’t want you to end up taking that free trip to Leavenworth), so please log in to the Premium Member section if you have already set up your account. If not, and if you have bought the Health Information Compliance Library in 2011, please call our office manager, Sherry, at 913-341-8783 or toll-free at 855-341-8783 or email her at sherry@veteranspress.com to obtain your coupon code to obtain access to the Premium Member section, which is free to you for the first year.
