HIPAA Omnibus: Strategies for Compliance (Podcast)

Sept. 23, 2013
The day in which healthcare entities must be in compliance with the new provisions of the Health Insurance Portability and Accountability Act (HIPAA), known as the Omnibus Rule, has arrived. In this podcast, Healthcare Informatics Associate Editor Gabriel Perna speaks with Joseph Kirkpatrick, managing partner at KirkpatrickPrice, an independent audit firm that works with healthcare providers and vendors, about these new rules and how healthcare entities must go about dealing with them.

The six-month grace period is over and today is the day that healthcare entities must be in compliance with the new provisions of the Health Insurance Portability and Accountability Act (HIPAA), known as the Omnibus Rule. In this podcast, Healthcare Informatics Associate Editor Gabriel Perna speaks with Joseph Kirkpatrick, managing partner at KirkpatrickPrice, an independent audit firm that works with healthcare providers and vendors, about these new rules and how healthcare entities must go about dealing with them.

Joseph Kirkpatrick

Kirkpatrick talks about some of the elements of Omnibus which directly impact healthcare providers, such as changes to how they can use patient information for marketing purposes and the increased clarification on breach notification. However, the most prominent change coming from Omnibus, according to Kirkpatrick, is the relationship providers have with their business associates.  

“In the past, healthcare organizations would outsource certain functions to third-parties and they would require them to sign business associate agreements. But now that there are more stringent requirements being placed on business associates, I think that healthcare providers should be looking at their contracts, looking at those agreements, and trying to determine should we more specific with what we are asking them to sign contractually that they will do, when protecting patient information,” Kirkpatrick said to Perna.

Kirkpatrick talks about the potential mess providers would have on their hands if they don’t comply with these new business associate rules. He said the term “willful neglect” could apply to them, and they could be levied large HIPAA fines as a result.

What’s important for healthcare organizations to do, Kirkpatrick said, is to make a list of their current business associates, ensure they have an updated agreement, and also, rank those associates in terms of risk.

Below is even more coverage from Healthcare Informatics on the HIPAA Omnibus Rule:

The Guidance Begins to Roll Out

As HIPAA Omnibus Compliance Ticks Closer – What Should Providers Know?

In HIPAA “Possession” is 10/10ths of The Law

Looking at the HIPAA Final Omnibus Rule: An Attorney's Perspective

……………….

To download this or other HCI Podcasts from iTunes, click here.

Sponsored Recommendations

2024's Healthcare Buyer Journey: New Research and Insights

Join us on April 30th for a webinar unveiling insights from the latest study on the Healthcare IT Buying Journey! Discover evolving challenges, effective health data management...

Improving care with AI-powered solutions

Don't miss our April 23rd webinar delving into the transformative impact of AI-powered solutions on healthcare. Join industry leaders Reid Conant and Dr. Patrick McGill as they...

Shield your health system against cyber threats

You won't want to miss out on this imperative April 4th webinar about how you can protect your healthcare organization. Join us to learn how to fortify your health system against...

Healthcare Trends 2024: Trends & Strategies for Future Success

Explore the future of healthcare in 2024 with insights from the Healthcare Industry Trends Report. Stay ahead of the curve as we delve into the latest industry developments and...