Kevin is at the Healthcare Information and Management Systems Society (HIMSS) Conference in New Orleans this week. Here is his latest blog posting he wrote for the Xchange Conference group:
Are You Hip To HIPAA 3.0 HITECH And The Omnibus Rule?
The U.S. Department of Health & Human Services (HHS) released a new rule on Jan. 17 to protect patient privacy and secure health information established under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and run by The Office of Civil Rights.
With this new rule, The Omnibus Final Rule, protected payers and providers should no longer have any doubt that they are liable under HIPAA. To be sure, you only need to answer yes to a couple of the following questions:
- Do you receive, create, maintain or transmit Protected Health Information (PHI) for or from a covered entity (CE)?
- Are you a VAR, MSP, integrator or other, providing IT or related services to CEs or one of their Business Associates that involves the ability to access PHI in any manner?
- Are you a hosting service, storage or other vendor that has PHI residing in your network, even if you do not access the information?