|
Breaking News
HHS Issues Breach
Notification Regulations
The age of mandatory breach notification is imminent and the ambulance industry has little time to brace itself for the first wave of new HIPAA regulations. HHS has issued the first significant set of new HIPAA regulations under the American Reinvestment and Recovery Act of 2009 (ARRA), and the government is making it clear that it is serious about accountability in this new HIPAA era. Speaking about the new breach notification regulations, acting director of the federal agency that oversees HIPAA enforcement commented:
"This new federal law ensures that covered entities and business associates are accountable to the Department and to individuals for proper safeguarding of the private information entrusted to their care. These protections will be a cornerstone of maintaining consumer trust as we move forward with meaningful use of electronic health records and electronic exchange of health information."
These new regulations will require covered entities to promptly notify affected parties, HHS, and potentially the media whenever there is a "breach" of "unsecured PHI." They will also require business associates to notify covered entities upon discovery of a breach. The Regulations are expected to be published in the Federal Register on August 24, 2009 and they will apply to breaches 30 days after that date. This means that the mandatory breach notification regulations will likely go into effect by September 24, 2009, a little over a month from now.
The breach notification regulations are technical and can be quite confusing. For example, the definition of a breach itself contains several exceptions to the notification requirements when data is "secured" or where there is an "unintentional acquisition" by someone who is authorized to access the information. There are also very specific requirements regarding when notice must occur, who must be notified, and what information the notice must contain. There are also ways that entities can secure data and avoid the notification requirements altogether. In addition, the regulations may have an effect on how covered entities and business associates comply with obligations under current state security breach notification laws.
Read More.
The attorneys and consultants of Page, Wolfberg & Wirth have been closely monitoring HHS's activity and we are poised to guide the ambulance industry through the new HIPAA era, starting with the new breach notification regulations.
To help your organization get ready to comply with the mandatory breach notification regulations, PWW will be holding a comprehensive webinar on Monday, September 14, 2009 from 2:00 - 3:30 PM (EST).
We will discuss the background behind these new regulations, how to comply with them, and how you can actually eliminate your breach notification requirements by properly securing your data.
As always, we will provide not only a legal analysis of the regulations, but also practical guidance for addressing the new regulations and ensuring that you are ready once the first wave hits. We will provide you with model policies and procedures for breach notification as well as a sample notification to send to affected individuals. Register today for PWW's Educational Webinar - The First Wave: Breach Notification in the New HIPAA Era.
REGISTRATION FEE: $179 per site. As many people as you wish can participate from your location. Includes detailed handout materials.
Online: 
By Phone: 877-EMS-LAW1 (877-367-5291)
|
