180-day countdown under way: ODs have three months to meet revised HIPAA privacy, security regulationsJune 8, 2013
Optometrists and other health care entities have until Sept. 23 to comply with newly revised Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. The updated HIPAA rules formally took effect March 26, 2013, but in most cases practitioners have 180 days to bring practices into compliance.
The new HIPAA privacy and security regulations will effectively require most optometric practices to review their privacy and security policies, update the Notices of Privacy Practices (NPPs) they provide to patients, and take a few additional measures to ensure the privacy, security, and accessibility of patient information in their practices, according to Ian Lane, O.D., chief medical information officer for AOAExcel™.
Authorized under the federal Health Information Technology for Economic and Clinical Health (HITECH Act) of 2009, the new revisions are intended to update the original HIPAA law, enacted in 1996, to reflect changes in communications technology and the health care system.
The most notable changes include:
- Patients will now be allowed to request an electronic copy of their electronic health record.
- Patients will have the right to instruct their doctors to not share information about treatment with the patient’s insurance company when the patient pays cash for the services rendered.
- Additional information will be required on NPPs, including information regarding patients’ rights following breaches of protected health information and information regarding patients’ rights when paying for services out of pocket.
Under the new revisions, the privacy and security rules will apply not only to health care practitioners and their business associates, but, for the first time, the subcontractors of those business associates, Dr. Lane noted.
In addition to making sure their practices are in compliance with the updated rules, practitioners should make sure any business associates with access to protected health information, such as billing firms or claims clearinghouses, are aware of the new rules and taking steps to adhere to them.
The HHS issued the new revisions Jan. 17, 2013 (see “Revised HIPAA privacy, security regulations released” in the March edition of AOA News).
AOAExcel™ is developing new products and services to assist optometrists in achieving compliance with the new HIPAA regulations.
For additional information, including the HHS’ new HIPAA Regulations FAQs on new updates, visit www.ExcelOD.com/HIPAA.