Employer's Guide to HIPAA Privacy Requirements
The HITECH Act tightened HIPAA’s privacy and security rules considerably — beefing up enforcement and, for the first time, requiring group health plans to notify plan participants of security breaches. In addition, the law extends HIPAA rules to cover third-party administrators and other "business associates" for the first time, and new restrictions on marketing require plan sponsors to re-examine their communications to participants. The Employer’s Guide to HIPAA Privacy Requirements deciphers HIPAA’s elaborate privacy, security and transaction rules.
With the Employer’s Guide to HIPAA Privacy Requirements, you can:
- Understand HIPAA in plain English
- Stay in compliance and be confident you’re addressing new requirements
- Receive quarterly updates of new analysis pages, practice tools, and quarterly newsletters to keep you current on critical developments in Congress, the courts, and federal agencies
- Save time by using the sample forms, charts, notices, and checklists provided with your manual
- Save money by having one comprehensive resource filled with the most authoritative guidance
Major Topics Covered
The Employer’s Guide to HIPAA Privacy Requirements analyzes the new and existing requirements governing the use and disclosure of personal information—then it zeroes in on the special problems they present for employers and other sponsors of group health plans. Plus, it brings you tips and techniques for saving time and money, sample documents and compliance checklists, and best practice guidelines to help you avoid potentially costly pitfalls.
Quarterly newsletters will keep you up-to-date as the U.S. Department of Health and Human Services (HHS) issues regulations and provides much-needed clarification on the HIPAA rules.
This easy-to-use looseleaf manual brings you the authoritative guidance and practical tools you need to protect your organization from lawsuits and HHS investigations.
Your Employer’s Guide to HIPAA Privacy Requirements shows you:
- What changes to vendor contracts and privacy notices the recently proposed HITECH rules will require
- What forms of notification are required by the HITECH rules in the event of a privacy or security breach
- How recent restrictions on the use or disclosure of genetic information could affect your wellness program
- How to properly assess the security risks to your electronic records and re-assess them when necessary
- What are the pitfalls of HIPAA’s new beefed-up penalty provisions and HHS’s tough new enforcement stance
- How to maintain proper organizational “firewalls” between the plan and employer
- How the new marketing restrictions and individual rights affect plan administrators
- How to make sure your auditing and training programs are keeping the plan in compliance in this new era of tighter enforcement
- How to properly notify employees of their rights, including the new rights granted by the HIPAA amendments
- How the new rules interact with state requirements and what role the states will play in HIPAA enforcement
- And much, much more!
Outsourcing administration of your group health plan? Remember, you are ultimately responsible for compliance. It’s the law. And it’s your company that faces fines or penalties if your program doesn’t measure up. That’s why it’s so important for you to be up-to-date on all the changes in the HIPAA law.
Summary of Contents
- Overview of HIPAA Privacy Requirements
- Protected Health Information (PHI)
- Uses and Disclosures
- Authorization and Consent
- Administrative Requirements
- Enforcement and Liability Issues
- Interaction With Other Federal Laws
- State Laws
- Moving Toward Full HIPAA Compliance
- Related Administrative Simplification Standards
Format and Frequency
- One volume Manual
- Quarterly Updates
About Your Print Subscription
Your annual subscription includes published updates at no additional charge for the 12-month subscription period. If you have any questions about your subscription, please contact Client Services at service@blr.com or call us at 1-800-727-5257, Monday - Friday, 8am - 5pm Central Time.
Authors and Editors
Kathryn Bakich is a senior vice president and the national director of health compliance for The Segal Company in Washington, D.C. She specializes in research and analysis of federal laws and regulations affecting health coverage, such as HIPAA, COBRA, the Newborns’ and Mothers’ Health Protection Act, the Mental Health Parity Act and the Women's Health and Cancer Rights Act. Previously, she was an attorney in private practice representing multi-employer health plans and was an appellate administrative law judge. She is a 1985 graduate of the University of Missouri School of Law. Ms. Bakich is co-author of Thompson’s Employer's Guide to HIPAA Privacy Requirements.
Joanne Hustead is vice president of health compliance with Segal. She specializes in research and analysis of federal laws and regulations affecting group health plans. Previously, she was an assistant research professor at Georgetown University's Institute for Health Care Research and Policy (now the Health Policy Institute), where she focused on medical privacy laws. She was the primary author of Genetics and Privacy, published in the American Journal of Law & Medicine (Vol. 28) 285-307 (2002) andGenetics and Privacy: A Patchwork of Protections, published by the California HealthCare Foundation (2002). She is a 1982 graduate of the University of Pennsylvania School of Law. Ms. Hustead is a contributing editor of Thompson’s Employer's Guide to HIPAA Privacy Requirements.
Editorial Advisory Board for the Employer's Guide to HIPAA Privacy Requirements
Kathryn Bakich, Esq.
The Segal Company
Washington, D.C.
Rich Glass, J.D.
Mercer Health & Benefits LLC
Dallas
Paul M. Hamburger, Esq.
Proskauer Rose LLP
Washington, D.C.
Jack B. Helitzer, Esq.
Fairfax, Va.
Joanne Hustead, Esq.
The Segal Company
Washington, D.C.
Michael Laffey, Esq.
Laffey & Associates, P.C.
Carnegie, Pa.
Mark E. Lutes, Esq.
Epstein Becker & Green, P.C.
Washington, D.C.
Peter J. Marathas, Jr., Esq.
Proskauer Rose LLP
Boston
James R. Napoli
Seyfarth Shaw LLP
Washington, D.C.
Jon A. Neiditz, Esq.
Kilpatrick Townsend & Stockton LLP
Atlanta
Adam V. Russo, Esq.
The Phia Group, LLC
Boston
Mark L. Stember, Esq.
Kilpatrick Townsend & Stockton LLP
Washington, D.C.