On May 31, 2011, the Department of Health and Human Service (HHS) published its proposed revisions to the accounting of disclosures requirements, one of the more controversial mandates under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule.
In short, the proposal would provide patients and enrollees with the ability to learn who has seen their records, through an “access report” (without providing information about the reason), and would provide more detailed information for disclosures of information that are most likely to be of interest to the individual (such as disclosures to law enforcement).
HIPAA-covered entities should remember that this is a proposed rule and, therefore, should not rush to make costly changes to systems and processes based on this proposal. Nonetheless, they should understand the proposal and its possible implications, and proactively address some basic issues.
This is a good time for covered entities to:
• Comment on the proposed rule (comments are due Aug. 1, 2011), both with respect to provisions that may be overly burdensome and those that may prove beneficial.
• Assess their electronic auditing of information system activity to ensure that they are comprehensively logging user access to electronic protected health information in designated record sets.
• Revisit and, if necessary, update their documentation relating to designated record sets (generally medical and billing records).
• Verify (and reassess, if necessary) which business associates have access to designated record sets.
Source: Davis Wright Tremaine LLC
Related Posts
Fujifilm introduces FDR D-EVO P-Series flat panel detectors- Vasyli, Scrip partner to offer chiropractors new advanced orthotic and orthotic sandal technology
- Sherman names faculty, staff members of the year
- Meaningful use of electronic health records
- AMC announces free CE course
- ChiroTouch to host webinar on creating care plans
