HIPAA Portability, Privacy, and Security
At the heart of this law is the privacy provision. Many overlooked pieces of this law include limitations of pre-existing condition exclusions, special enrollment provisions, and nondiscrimination requirements. Compliance on each and every provision is important as fines or penalties can be assessed by the IRS, DOL, and HHS.
HIPAA HITECH – New rules regarding electronic information.
- March 26, 2013: The rules became effective.
- September 23, 2013: Covered entities must comply with most of the new Rules’ provisions.
- September 25, 2013: Disclosures of PHI become subject to the new restrictions on sale of PHI.
- September 22, 2014: Covered entities must bring all of their Business Associate Agreements (“BAAs”) into compliance with the Rules; the new Rules also apply this requirement to Business Associates’ agreements with their covered subcontractors.