Exciting news: according to HIPAA Journal, major changes are coming to the HIPAA Privacy and Security Rules. As the world becomes more reliant on tech, new regulations need to be implemented to make sure patients’ online data is secure and accessible. Adopting the new rules and regulations will be a big undertaking for covered entities. Continue reading to find out exactly what the expected changes are.
What New Legislation was Introduced
New legislation has been introduced by HIPAA Journal relating to the HIPAA Privacy and Security Rules, in terms of cybersecurity, patient access to healthcare data, and HIPAA enforcement. The HHS Office of the National Coordinator for Health Information Technology (ONC) also published its Interoperability and Information Blocking Final Rule in March 2020, but it did not go into effect until April 5, 2021.
What Does Cybersecurity Entail
The HIPAA Safe Harbor Bill (HR 7898) amended the HITECH Act and was signed into law by President Trump on January 5, 2021. The Safe Harbor Bill encourages healthcare organizations to adopt cybersecurity practices. The bill instructs the HHS to take into account the cybersecurity best practices that a HIPAA-regulated entity has adopted while considering HIPAA enforcement actions and calculating financial penalties related to security breaches. The bill also requires the length and extent of audits to be decreased regarding security breaches when these practices were in place.
Adopting a robust cybersecurity program shows that you are working towards completion of a HIPAA Security Risk Analysis. This reduces identified risks to a low and acceptable level and means technical safeguards to ensure the confidentiality, integrity, and availability of electronic protected health information (ePHI) have been put in place.
What’s in it For You
Covered entities that have complied will be treated more leniently by OCR; that said, organizations that have not complied with cybersecurity best practices cannot be financially penalized. In addition to facing lower penalties and sanctions, covered entities that are fully compliant face far less security risk, meaning the covered entity is much less likely to suffer a data breach, potentially saving tens of thousands of dollars.
Complying with the new rules and regulations will save covered entities money in the long run, and they will have more protection under HIPAA. Data breaches are becoming extremely common and, most of the time, result in big financial penalties. Patients are highly affected by data breaches, and hackers are becoming more skilled and clever. Using a company such as Carosh can be imperative in making sure that your practice stays up to date, correctly implements the new regulations, and stays both HIPAA compliant and protected from breaches.
Source:
“HIPAA Updates and HIPAA Changes 2022.” HIPAA Journal, 10 Jan. 2022, www.hipaajournal.com/hipaa-updates-hipaa-changes/. Accessed 26 Dec. 2022.