With the onslaught of activity over the past year regarding how businesses in America can communicate with the public and with their customers, it is easy to get confused. Add individual state laws to the numerous federal requirements—not the least of which are the privacy obligations under the Gramm-Leach-Bliley Act, 2009 HIPAA and many more updates to many more state and federal laws, regulations, rules and carrier instructions and agreement changes—and it can seem overwhelming.
Here in the Privacy section of PIANET we hope to demystify recent laws and regulations to make your compliance easier. Be sure to check with your local PIA association to determine exactly how your resident state laws and regulations work and further affect you, and then please do so for each state in which you practice. Also be sure to check on requirements that may have been imposed upon you by those carriers and vendors with whom you conduct business, and what reciprocal requirements you need to make of them.
HIPAA Omnibus Final Rule - September 2013 Edition
What HIPAA Means to PIA Members
HHS’ final rule was published in January and took effect in March; it will be enforced September 23rd. PIA agencies have already developed and implemented, and are monitoring, enforcing and updating, their overall privacy information/data, breach and systems security compliance program (which has included HIPAA since 2002), as already required of you under current insurance law. Hence, for the most part, the new HIPAA rule will be a matter of review and fine-tuning for the changes in HIPAA.
Remember and Update Your Current Baseline:
- Across all of these differences, PIA agencies must be current on the state insurance privacy (and related) requirements that apply to their agency and to the nature, scope and territories across which the agency operates. This is your data/privacy compliance foundation.
- Then the agency will add/modify these founding practices with the further/updated specifics from the revised HIPAA rules and/or health carrier and/or exchange instructions.
- On the list of additional reference resources, we’ve included an ABC’s Outline to assist member-agencies in approaching their agency review from which they will develop their agency’s specific plan for compliance.
To learn more, please click here to read the full overview.
Additional Documents to Review After Reading PIA HIPAA Overview
- ABCs of Privacy & HIPAA Compliance
- PowerPoint Presentation by Marissa Gordon-Nguyen, HHS
- Action Items List for Employers
- AICPA Scope of Regulation
- January 2013 HHS Summary
- Manning Morris & Martin LLP – HIPAA/BA article
- PIA Suggested HHS HIPAA Information/Education Resources