Anna M. Bonner, R. EEG T., RPSGT

The Health Insurance Portability and Accountability Act (i.e., HIPAA) has grown into a more robust and regulated law since its first inception in 1996, primarily beginning when the Omnibus Rule of 2013 was introduced. The Omnibus Rule created modifications to HIPAA’s privacy and security rules, as well as created changes for enforcement and breach notification rules. Since then, the federal government has been enforcing the law more stringently, bringing in record amounts in fines and millions of dollars in settlements and judgements annually. But the law is an abstract, principle-based regulation, where A does not always equal B; rather it is based and interpreted on risk. In the current environment where the Department of Health and Human Services’ Office for Civil Rights (HHS) (OCR) just concluded 2018 with an all-time record for HIPAA enforcement, we as healthcare professionals must be proactive with our compliance and get policies in place well before something, such as a breach, happens. I recently attended a live webinar focusing on the “Upcoming Changes with HIPAA – 2019” presented by nationally renowned HIPAA Compliance Consultant, Brian L. Tuttle. Brian is a Certified Professional in Health IT, Certified HIPAA Professional and Administrator, and has over 17 years of experience in Health IT and Compliance Consulting. In this Tech Tips article, I will share key tips on privacy and security rules, which present our biggest challenges for standard compliance.

• Tags: HIPAA, PHI, Protected Health Information