1 Changes to Privacy Regulations under ARRA May 4, 2009 Melissa Goldstein, J.D. The George Washington University School of Public Health and Health Services.

Slides:



Advertisements
Similar presentations
An Overview for In-Home Service Providers Legal advice must be tailored to specific circumstances. Information provided in this presentation should not.
Advertisements

“Reaching across Arizona to provide comprehensive quality health care for those in need” Our first care is your health care Arizona Health Care Cost Containment.
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
HIPAA Privacy Rule Training
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
HIPAA What’s New? What Is HIPAA Health Insurance Portability and Accountability Act of 1996 Health Insurance Portability and Accountability Act.
Changes to HIPAA (as they pertain to records management) Health Information Technology for Economic Clinical Health Act (HITECH) – federal regulation included.
1 Navigating the Privacy and Security Issues: HITECH Overview Rebecca L. Williams, RN, JD Partner Co-chair of HIT/HIPAA Practice Davis Wright Tremaine.
HIPAA CHANGES: HITECH ACT AND BREACH NOTIFICATION RULES February 3, 2010 Kristen L. Gentry, Esq. Catherine M. Stowers, Esq.
TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.
1 HIPAA Challenges Ahead in Mining Patient-Centric Data Kristen B. Rosati Coppersmith Schermer & Brockelman, PLC PRISM Forum SIG on Clinical Informatics.
HIPAA Update: So what’s new with HIPAA?? And, what does it have to do with you? Ellen Cannon, WV DHHR HIPAA Privacy Officer WV Attorney General’s Office.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
2014 HIPAA Refresher Omnibus Rule & HIPAA Security.
Are you ready for HIPPO??? Welcome to HIPAA
Protecting Client Data HIPAA, HITECH and PIPA Part 1A
Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.
To improve the quality and efficiency of health care for all stakeholders in the Santa Cruz community. To deliver technology assistance, guidance and.
Health Insurance Portability & Accountability Act (HIPAA)
1 HIT Standards Committee Privacy and Security Workgroup: Recommendations Dixie Baker, SAIC Steven Findlay, Consumers Union August 20, 2009.
March 19, 2009 Changes to HIPAA Privacy and Security Requirements Joel T. Kopperud Scott A. Sinder Rhonda M. Bolton.
© Copyright 2014 Saul Ewing LLP The Coalition for Academic Scientific Computation HIPAA Legal Framework and Breach Analysis Presented by: Bruce D. Armon,
2 HIPAA, HITECH, and Medical Records. Learning Outcomes When you finish this chapter, you will be able to: 2.1Discuss the importance of medical records.
Overview of the American Recovery and Reinvestment Act of 2009 Implications for Health Care Research Centers and National Architecture for HIE John Glaser,
HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.
Office of the Secretary Office for Civil Rights (OCR) HIPAA Privacy and Security Rules Updates HIPAA COW 2010 Spring Conference April 16, 2010.
Lecture 14 Policy, Legal, and Regulatory Issues in HIS (Chapters 18,19,20)
Health Information Technology Nationwide Activities and Issues Roy H. Wyman, Jr. May 7, 2009.
HIPAA PRIVACY AND SECURITY AWARENESS.
California :: Delaware :: Florida :: New Jersey :: New York :: Pennsylvania :: Virginia :: Washington, D.C. :: 1 NEW OBLIGATIONS.
HIPAA and HITECH The Latest Developments Presented By: Michele Madison Partner, Healthcare Practice Morris, Manning & Martin, LLP
Quality Integrity Stewardship Courtesy Care Accountability Medical Records ARMA Florida Gulf Coast Chapter Michael Spake Lakeland Regional Medical Center.
1 Healthcare Privacy and Security: Concepts and Challenges Dixie B. Baker, Ph.D. Chair, HIMSS Privacy and Security Advocacy Task Force.
Update on Federal HIT Legislation Kirsten Beronio Mental Health America.
Computerized Networking of HIV Providers Workshop Data Security, Privacy and HIPAA: Focus on Privacy Joy L. Pritts, J.D. Assistant Research Professor Health.
HITECH Act and HIPAA: Important Compliance Update Susan E. Ziel Gerald “Jud” DeLoss.
HIT Standards Committee Privacy and Security Workgroup: Initial Reactions Dixie Baker, SAIC Steven Findlay, Consumers Union June 23, 2009.
David G. Schoolcraft Ogden Murphy Wallace, PLLC
AMERICAN RECOVERY AND REINVESTMENT ACT OF 2009 Health Information Technology for Economic and Clinical Health Act (HITECH Act) Regina.
Office of the Secretary Office for Civil Rights (OCR) The HITECH NPRM: Overview of Research Comments October 19, 2010 Christina Heide, JD HHS Office for.
American Recovery and Reinvestment Act: Summary of Health-related Provisions April 15, 2009.
Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 6 The Privacy and Security of Electronic Health Information.
FleetBoston Financial HIPAA Privacy Compliance Agnes Bundy Scanlan Managing Director and Chief Privacy Officer FleetBoston Financial.
HIPAA BASIC TRAINING Presented by Anderson Health Information Systems, Inc.
David G. Schoolcraft Ogden Murphy Wallace, PLLC
The American Recovery and Reinvestment Act of 2009: Changes to HIPAA Privacy and Security Requirements And its Impact on Hospitals Presented By: Michele.
Policies for Information Sharing April 10, 2006 Mark Frisse, MD, MBA, MSc Marcy Wilder, JD Janlori Goldman, JD Joseph Heyman, MD.
HealthBridge is one of the nation’s largest and most successful health information exchange organizations. Tri-State REC: Privacy and Security Issues for.
Copyright ©2014 by Saunders, an imprint of Elsevier Inc. All rights reserved 1 Chapter 02 Compliance, Privacy, Fraud, and Abuse in Insurance Billing Insurance.
HITECH and HIPAA Presented by Rhonda Anderson, RHIA Anderson Health Information Systems, Inc
HIPAA Health Insurance Portability and Accountability Act.
Bringing Health Information to Life DAVID BLUMENTHAL, MD, MPP National Coordinator of Health Information Technology US Department of Health & Human Services.
Top 10 Series Changes to HIPAA Devon Bernard AOPA Reimbursement Services Coordinator.
Finally, the Final HIPAA/HITECH Regulations are Here! By LYNDA M. JOHNSON Friday, Eldredge & Clark.
Configuring Electronic Health Records Privacy and Security in the US Lecture b This material (Comp11_Unit7b) was developed by Oregon Health & Science University.
HIPAA Overview Why do we need a federal rule on privacy? Privacy is a fundamental right Privacy can be defined as the ability of the individual to determine.
HIPAA Privacy Rule Positive Changes Affecting Hospitals’ Implementation of the Rule.
AND CE-Prof, Inc. January 28, 2011 The Greater Chicago Dental Academy 1 Copyright CE-Prof, Inc
HIPAA TRIVIA Do you know HIPAA?. HIPAA was created by?  The Affordable Care Act  Health Insurance companies  United States Congress  United States.
Public Health IT Privacy, Confidentiality and Security of Public Health Information This material (Comp13_Unit2) was developed Columbia University, funded.
HIPAA Privacy Rule Positive Changes Affecting Hospitals’ Implementation of the Rule Melinda Hatton -- Oct. 31, 2002.
HIPAA Privacy Rule Training
UNDERSTANDING WHAT HIPAA IS AND IS NOT
HIPAA CONFIDENTIALITY
HIPAA/HITECH – The Final Omnibus Rule
Concerns of a Privacy Advocate – and How to Respond
HITECH’s Impact on Research
HIPAA Policy & Procedure Strategies
Objectives Describe the purposes of the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 Explore how the HITECH Act.
Presentation transcript:

1 Changes to Privacy Regulations under ARRA May 4, 2009 Melissa Goldstein, J.D. The George Washington University School of Public Health and Health Services

2 HIPAA Privacy Rule in a Nutshell A covered entity cannot use or disclose protected health information unless it is permitted or required by the Rule And then, generally, only the minimum necessary information may be used or disclosed Rule sets a federal floor More protective state statutes are permitted

3 American Recovery & Reinvestment Act of 2009 (ARRA) Title XIII – Health Information Technology (HITECH) $19 billion over 10 years Establishes HIT infrastructure at HHS (Advisory committees on policy and standards) Significant changes to healthcare privacy and security environment Does not change all of HIPAA but should be addressed by entities handling health care information Most provisions require further regulatory clarification

4 Overview of Investment $2 billion in grants –$300M for subnational and regional exchange efforts –$20M for NIST for health care information enterprise integration Incentives through Medicare & Medicaid for healthcare professionals, hospitals and other providers

5 Changes to HIPAA Enhanced Individual Control –Right of electronic access –Can direct record to another entity or individual (PHR) –Right to restrict disclosures to health plans for payment and operations Application to business associates (entities that act on behalf of “covered entities”) –HIPAA security rules –HIPAA privacy rules –Provisions in ARRA

6 Changes to HIPAA Business Associate contracts –Required for health information exchanges, RHIOs, and other entities that transmit protected health information (PHI) to a covered entity –Required for vendors that contract with a covered entity to offer a personal health record (PHR) Breach notification requirement –Definition of breach –Safe harbor for “protected” data

7 Changes to HIPAA Accounting for disclosure requirements for entities using electronic health records –Requirement applies after standard and regulations are developed –Phased in over time –Covers only 3 years

8 Changes to HIPAA Marketing –Limited right to use information for marketing if the communication is paid for by an outside entity –Exceptions for treatment and communications about current drugs and biologics Fundraising –Opt-out required

9 Changes to HIPAA Prohibition on sale of health records or protected health information Exceptions –Public health –Research –Treatment of an individual –Sale of a facility/business –Payments to business associates –Copies to individuals

10 Changes to HIPAA Secretary guidance on minimum necessary –Use of limited data set where possible in interim –Discloser determines minimum necessary Minimum necessary still does not apply to treatment or de-identified information Study on implementation of the de- identification requirements

11 Enhanced Enforcement of HIPAA Tiered increase in civil penalties Secretary required to do periodic audits State Attorney General civil enforcement

12 Entities not covered by HIPAA Study of privacy protections –HHS & FTC report to Congress on privacy and security recommendations for PHRs Temporary breach notification provisions –FTC enforced

13 Implementation Refining terms “certified EHR” and “meaningful use” Strategic plan for rollout Implementation of privacy and security provisions

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.