Header graphic for print
HealtHITechLaw HIPAA, HITECH and Beyond

Monthly Archives: January 2013

HIPAA Final Rule Clarifies Business Associate Obligations

Posted in Rulemaking

Business Associates:  You’re on notice. When the Health Information Technology for Economic and Clinical Health Act (“HITECH”) was enacted nearly four years ago, business associates were aware that HIPAA compliance was going to be required of them – they were just not sure of the extent.  Historically, business associates have been required to comply with… Continue Reading

HHS Previews Long-Awaited Final Omnibus HIPAA Rule

Posted in Rulemaking

On January 17, 2013, HHS announced the release of the long-awaited final omnibus HIPAA rule.  According to HHS Office for Civil Rights Director Leon Rodriguez, “This final omnibus rule marks the most sweeping changes to the HIPAA Privacy and Security Rules since they were first implemented.  These changes not only greatly enhance a patient’s privacy… Continue Reading

OCR Settles with Hospice of Northern Idaho for $50,000.00

Posted in Enforcement

OCR’s recent enforcement action against a small non-profit hospice organization in Idaho is more evidence that OCR is looking carefully at HIPAA Security Rule compliance.  On December 28, 2012, HHS announced that Hospice of Northern Idaho (“HONI”) had agreed to pay HHS $50,000 to settle potential violations of the HIPAA Security Rule.  This is the… Continue Reading