Legislature Changes and Latest HIPAA Rules in 2018

The plan of two out for every latest rule introduced implies there are expected to be few, if any, fresh HIPAA rules in 2018. Nevertheless, that doesn’t imply it will be all calm on the HIPAA side. Roger Severino, HHS’ OCR director has signaled there are a few HIPAA modifications under consideration.

OCR is scheduling on eliminating a few of the labor-intensive and outdated elements of HIPAA that offer little help to patients, even though before HIPAA modifications are made, OCR will request comments from healthcare sector stakeholders.

Like with earlier updates, OCR will submit notifications of planned rulemaking and will request comments on the planned modifications. Those remarks will be cautiously considered prior to any HIPAA modifications are made.

The complete list of planned modifications to the HIPAA Secrecy Law hasn’t been made public, even though Severino provided some vision into what can be projected in 2018 at a latest HIPAA meeting in Virginia.

Severino described that there were 3 possible modifications to HIPAA rules in 2018, the first pertains to implementation of HIPAA Laws by OCR.

Ever since the launch of the Enforcement Law, OCR has had the authority to fiscally fine HIPAA protected units that are found to have defied HIPAA Laws or not put enough efforts into compliance. Ever since the integration of HITECH Law into HIPAA in 2009, OCR has been allowed to keep a part of the resolutions as well as CMPs it receives through its implementation activities. Those amounts of money are utilized, partly, to cover the expense of future implementation activities and to offer reimbursement to sufferers. So far, OCR hasn’t done the latter.

OCR is pondering inviting information on how a part of the agreements and civil financial fines it receives can be paid to the sufferers of healthcare data breaches and HIPAA infringements.

One part of the bureaucracy that OCR is pondering altering is the need for protected units to keep initialed forms from patients verifying they have obtained a copy of the protected unit’s notification of secrecy practices. In several instances, the forms are initialed by patients who merely desire to see a physician. The forms aren’t actually read.

One possible modification is to take out the need to receive and store initialed forms and in its place to inform patients of secrecy practices through a notification in a conspicuous position within the protected unit’s services.

Severino also stated OCR is pondering altering HIPAA rules in 2018 pertaining to good faith revelations of PHI. OCR is pondering officially clarifying that disclosing PHI in specific situations is allowed without first getting approval from patients – The distributing of PHI with close friends and family members when a patient is disabled or in instances of opioid drug misuse for example.

Although HIPAA permits healthcare suppliers to disclose PHI when a patient is in impending harm, additional rulemaking is necessary to protect good faith leakages.

Although these HIPAA modifications are being pondered, it might take until 2019 before they are applied.