Monday, April 2, 2012

HIPAA/HITECH final rules shipped off to OMB

Read the Rule:

OCR made the final step before publishing final rules on HIPAA/HITECH, sending its rules to the Office of Management & Budget (OMB) March 24 for a review.

Once OMB completes the review — which can last up to 90 days — the rules will be published. OCR packaged four rules into one under the title, “Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules”:

The final rules will include:
  • Modifications to the HIPAA Privacy and Security Rules (namely making business associates and subcontractors liable and responsible for security-rule compliance and the use and disclosures provision of the privacy rule)
  • Enforcement (new penalty levels)
  • Breach notification
  • Modifications of the HIPAA Privacy Rule as required by section 105 of the Genetic Information Nondiscrimination Act of 2008.

No comments: