Kevin is at the Healthcare Information and Management Systems Society (HIMSS) Conference in New Orleans this
week. Here is his latest blog posting he
wrote for the Xchange Conference group:
Are You Hip To HIPAA 3.0 HITECH
And The Omnibus Rule?
Department of Health & Human Services (HHS) released a new rule on Jan. 17
to protect patient privacy and secure health information established under the
Health Insurance Portability and Accountability Act of 1996 (HIPAA) and run by
The Office of Civil Rights.
With this new
rule, The Omnibus Final Rule, protected payers and providers should no longer
have any doubt that they are liable under HIPAA. To be sure, you only need to
answer yes to a couple of the following questions:
- Do you
receive, create, maintain or transmit Protected Health Information (PHI)
for or from a covered entity (CE)?
- Are you a
VAR, MSP, integrator or other, providing IT or related services to CEs or
one of their Business Associates that involves the ability to access PHI
in any manner?
- Are you a hosting
service, storage or other vendor that has PHI residing in your network,
even if you do not access the information?