Introduction
In 2013, the Department of Health and Human Services issued the final rule for modifying the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security standards (Yaraghi & Gopal, 2018). The final rule aimed at strengthening the privacy and security protection for health information of individuals. This paper will summarize the modifications that the new laws of the Final Rule brought about, as well as identifying the most difficult change to comply with or realize. It will also discuss how the new standards impact Electronic Health Records and the policies to incorporate to ensure full compliance.
Summary of the changes brought about by the Final Rule
One of the changes is the adoption of additional enhancements of Health Information Technology for Economic and Clinical Health (HITECH) Act to the Enforcement Rule. The enhancements involve the provisions that address enforcement of non-compliance with the HIPAA rules, which may arise from wilful neglect (Drolet et al., 2017). Another modification is the prohibition of the sale of protected information on health without the authorization of an individual. In essence, this would strengthen the limitations that exist in disclosure and use of health information to market and conduct fundraising activities. Additionally, the rule requires business associates to comply with the HIPAA standards similarly as covered entities. In essence, the business associates would be directly liable for the set requirements (Yaraghi & Gopal, 2018). In the Final Rule, expanding the rights of individuals to receive electronic copies of health information is evident. It restricts disclosures to health plans when individuals have paid out of their pockets for treatment.
The most difficult change of the Final Rule to deal with
The change requiring compliance of the business associates with the privacy and security standards of HIPAA is the most difficult to realize. In this aspect, covered entities are responsible for the actions of business associates. The covered entities will be required to obtain satisfactory assurances of compliance with the HIPAA rules through the contracts of business associates. However, this process will require risk assessments under the security standards of HIPAA. The risk assessments to be conducted would need a significant consideration of the nature and extent of protected health information involved, as well as whether the information was acquired or viewed. Another factor is the extent of mitigation of the risk. These factors may pose a threat to the realization of change as the agreements of business associates would get a reboot (Chen & Benusa, 2017).
How these standards impact Electronic Health Records and the policies and procedures that need to be in place to ensure these standards are complied with internally and externally
Electronic health records (EHR) transform the delivery of healthcare. The Final Rule standards have established an EHR incentive program, which enables physicians and hospitals to qualify for incentive payments. The rule also impacts the EHR by creating payment penalties in the future for the eligible care providers who have failed to meet the requirements for EHR meaningful use. One of the policies that would enhance compliance with the standards internally is by ensuring that the practitioners are aware of the technical and operational challenges that may be faced due to the increase in EHR expectations (Drolet et al., 2017). Improving the quality, safety, as well as the efficiency of healthcare would also be essential. Regarding external compliance, it would be efficient to improve the technology of electronic health records and to reduce the costs of service delivery.
Conclusion
The Final Rule is intended to harmonize better HIPAA Privacy and Security regulations hence promoting the flexibility of the Act. It enhances the privacy protections while providing individuals with new rights to health information. The rule strengthens enforcement of penalties by the government under the law hence it serves of substantial concern.
References
Chen, J. Q., & Benusa, A. (2017). HIPAA security compliance challenges: The case for small healthcare providers. International Journal of Healthcare Management, 10(2), 135-146. https://doi.org/10.1080/20479700.2016.1270875
Drolet, B. C., Marwaha, J. S., Hyatt, B., Blazar, P. E., & Lifchez, S. D. (2017). Electronic communication of protected health information: privacy, security, and HIPAA compliance. The Journal of hand surgery, 42(6), 411-416. https://doi.org/10.1016/j.jhsa.2017.03.023
Yaraghi, N., & Gopal, R. D. (2018). The Role of HIPAA Omnibus Rules in Reducing the Frequency of Medical Data Breaches: Insights From an Empirical Study. The Milbank Quarterly, 96(1), 144-166. https://doi.org/10.1111/1468-0009.12314
Cite this page
The Final Rule of the Health Insurance Portability and Accountability Act Essay. (2022, Aug 23). Retrieved from https://proessays.net/essays/the-final-rule-of-the-health-insurance-portability-and-accountability-act-essay
If you are the original author of this essay and no longer wish to have it published on the ProEssays website, please click below to request its removal:
- Effects of Illegal Immigrants in California State. Sociology Paper Sample
- Paper Example on Non-profit Organizations
- Paper Example on Parental Incarceration Impact on Child Behavior
- Essay Example on Public Health and Economic Performance
- Gang Crime: America's Growing Problem - Essay Sample
- COVID-19: Global Outbreak From China to Antarctica - Essay Sample
- Essay Example on Nina Simone's Impact on the Civil Rights Movement