Stephanie Williams

Mark your calendars for September 23, 2013. This is the date that covered entities and business associates must comply with most provisions of the new Rule which becomes effective March 26, 2013.

Benefits Alert 2011-04

The US Department of Health and Human Services (HHS) is in the process of having audits performed to ensure covered entities and business associates are complying with the HIPPA Privacy and Security Rules. Every covered entity and business associate is a potential candidate for a periodic audit by HHS to ensure they are complying with the HIPPA Privacy and Security Rules and Breach Notification Standards. These audits are mandated by the American Recovery and Reinvestment Act of 2009 (ARRA).

A Maryland health care provider was charged in February with violating 41 patients’ rights by denying them access to their medical records when requested between September 2008 and October 2009. A primary tenant of HIPAA is that patients own their health records not doctors and upon request patients must be provided access within a reasonable time (60 days maximum).