The HIPAA Omnibus
Rule was brought into effect on January 25, 2013. This was a set of rules that
directly affected the Health Insurance Portability and Accountability Act in
the areas of Security, Privacy and Enforcement. In a day in age where
technology runs nearly everything, these provisions to HIPAA helped implement
changes to the Health Information Technology for Economic and Clinical Health
(otherwise known as the HITECH Act). These provisions protect patients'
personal information more directly in today's high tech world.
One of the first things these provisions address is that under the HIPAA Omnibus Rule all associates of a business and all subcontractors of a business are directly liable for complete compliance with HIPAA. It also goes on to limit the use of personal information for the use of marketing purposes. These provisions also expand on the rights of individuals to receive copies of their medical records over the internet.
In times of a breach of privacy, the HIPAA Omnibus Rule and the HITECH Act increase the monetary penalties. Monetary penalties include:
One of the first things these provisions address is that under the HIPAA Omnibus Rule all associates of a business and all subcontractors of a business are directly liable for complete compliance with HIPAA. It also goes on to limit the use of personal information for the use of marketing purposes. These provisions also expand on the rights of individuals to receive copies of their medical records over the internet.
In times of a breach of privacy, the HIPAA Omnibus Rule and the HITECH Act increase the monetary penalties. Monetary penalties include:
- Accidental disclosure of personal information resulting in a penalty of no less than $100 but no more the $50,000 for each case
- For disclosure due to reasonable cause and not pure neglect resulting in a penalty of no less than $1,000 but no more than $50,000 for each case
- For disclosure due to neglect but fixed in a timely fashion resulting in a penalty of no less than $10,000 but no more than $50,000 for each case
- For disclosure due to neglect that is not fixed in a timely manner resulting in a penalty of $50,000 but no more than $1.5 million per year for each case
Any known use or disclosure of personal information is considered to be a breach of the HIPAA.
The HIPAA Omnibus Rule was brought in to effect to further cover and protect patients' personal information. All healthcare officials and individuals in the healthcare field must be properly educated on the HIPAA Omnibus Rule and practice it to avoid monetary penalties.
0 comments:
Post a Comment