TRENDING:

HIPAA Omnibus: Guidance Coming

HHS to Issue Compliance Help for Providers, Business Associates Marianne Kolbasuk McGee (HealthInfoSec) • April 25, 2013    
HIPAA Omnibus: Guidance Coming

The Department of Health and Human Services will issue a "suite" of guidance to help healthcare providers, business associates and patients better understand how to comply with the HIPAA Omnibus Rule, an HHS attorney says.

See Also: 2024 Healthcare Cybersecurity Benchmarking Study

"We are trying hard to get guidance out as soon as we can," says Iliana Peters, an attorney at HHS' Office for Civil Rights who worked on the team that crafted the final rule. That way, providers will be better able to comply in time for the Sept. 23 enforcement date for the rule, she notes. The rule went into effect March 26.

Peters, who made her comments April 25 during a panel discussion on HIPAA Omnibus sponsored by Microsoft and consumer advocacy group Patient Privacy Rights, says OCR has been working with other agencies, including the Office of the National Coordinator for Health IT, in developing the guidance.

In recent months, HHS has issued other compliance guidance related to the HITECH Act electronic health record incentive program and HIPAA, including privacy and security tips for mobile devices (see: HHS Offers Mobile Device Security Tips).

Although Peters didn't elaborate on the topics of the guidance, she says it will take into account questions that covered entities, consumers and business associates have asked OCR about the HIPAA Omnibus Rule, which includes extensive security, privacy and breach notification provisions.

During the process of writing the new rule, OCR eliminated some sections "to get it to a manageable size," Peters says. Some material that was cut will be included in the forthcoming guidance, she adds.

Previous
E-Mail Privacy Bill Clears Senate Panel
Next
ACOs: The Security Challenges

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.



Around the Network

Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Why Health Firms Struggle with Cybersecurity Frameworks
Why Health Firms Struggle with Cybersecurity Frameworks
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.