With the final omnibus HIPAA and HITECH rule released by the Department of Health and Human Services in January, there are new concerns for healthcare privacy, writes Rita Bowen for Becker’s Hospital Review. Business associates and subcontractors can now be held directly liable for any breach of personal health information (PHI) and are now responsible for breach reporting. Breach documentation must be maintained for six years, and there are new limits on use and disclosure of PHI. Bowen writes that “adherence to HIPAA must be an ongoing, full-time effort,” and “privacy is not a one-and-done; it must become part of the fabric of your organization.”
If you want to comment on this post, you need to login.