855-385-2160 [email protected]

Avoiding Malpractice Tips

New HIPAA Rule

May 1, 2013 | Avoiding Malpractice Tip

New HIPAA Rule: What Does This Mean for You?

The Office for Civil Rights of the U.S. Department of Health and Human Services (HHS) has moved forward to strengthen the privacy and security protections for health information established under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

The HIPAA Omnibus Final Rule, which implements changes made by the Health Information Technology for Economic and Clinical Health (HITECH), greatly enhances a patient’s privacy protections, provides individuals new rights to their health information and strengthens the government’s ability to enforce the law. The new rule is effective March 26, 2013, but generally gives providers until September 23, 2013, to become compliant and revise and redistribute notices of privacy practices (NNP).

The changes in the final rule making provide the public with increased protection and control of personal health information. The HIPAA Privacy and Security Rules to date have focused on health care providers, health plans and other entities that process health insurance claims.

The new rule implements legislative changes that expanded many of the privacy requirements to business associates of these entities that receive protected health information, such as contractors and subcontractors. Some of the largest breaches reported to HHS have involved business associates. Penalties have been increased for noncompliance based on the level of negligence, with a maximum penalty of $1.5 million per violation. The changes also strengthen the HITECH Breach Notification requirements by clarifying when breaches of unsecured health information must be reported to HHS.

Familiarize yourself with the new HIPAA Omnibus Final Rule. Ensure your business partners are also in compliance with the HIPAA Omnibus Final Rule. Review your Professional Liability Insurance Policy to see if you have protection for expenses related to a breach or violation of HIPAA.

NASW Assurance Services has worked to enhance its new NASW-Endorsed Professional Liability Insurance Policy to cover certain HIPAA related claims by automatically including $25,000 for HIPAA Privacy Coverage, an essential benefit in today’s healthcare environment.

For more information and resources about HIPPA, visit https://www.socialworkers.org/About/Legal/HIPAA-Help.

Published May 2013

Avoiding Malpractice Tips

Avoiding Malpractice Tips

Monthly advice and information to help you manage risk. See list of past articles.

Resources and References

Join Our Email Family

Receive our monthly newsletter, announcements, and notices to keep you informed and involved in your professional community.

Follow Us

COVID-19 Notice

NASW Risk Retention Group (NASW RRG) shares information based on our helpline inquiries, corresponding claims history, and an understanding of a varying nationwide professional state regulatory environment.

Due to COVID-19, many states have implemented or waived specific regulations; it is the individual professional's responsibility to research, implement, and monitor those regulations; and apply our risk management content as a consideration in your practice environment. Do not interpret this risk management material as any means to alter professional training, standards, nor any ethics information provided by your professional association.

Please understand, the NASW RRG makes no representations or warranties other than those stated to our current policyholders in the insurance policy contract. Please contact us if you have further questions.