Updates for 2013, continued

This version of the course is no longer available.
Need multiple seats for your university or lab? Get a quote
The page below is a sample from the LabCE course HIPAA Privacy and Security Rules (to be retired 12/31/2020). Access the complete course and earn ASCLS P.A.C.E.-approved continuing education credits by subscribing online.

Learn more about HIPAA Privacy and Security Rules (to be retired 12/31/2020) (online CE course)
Updates for 2013, continued

The Final Rule consists of four separate rule modifications:

  • Modifications to the HIPAA Privacy, Security, and Enforcement Rules mandated by the HITECH Act and certain other modifications to improve the HIPAA Rule
  • Makes business associates of covered entities directly liable for compliance with certain of the HIPAA Privacy and Security Rules’ requirements.
  • Strengthens the limitations on the use and disclosure of protected health information (PHI) for marketing and fundraising purposes
  • Prohibits the sale of PHI without individual authorization
  • Expands individuals’ rights to receive electronic copies of their health information
  • Restricts disclosures to a health plan concerning treatment when the individual has paid for the treatment entirely out-of-pocket
  • Requires modifications to a covered entity’s notice of privacy practices (the modified notices must then be redistributed)
  • Modifies the individual authorization and other requirements:
    • to facilitate research and disclosure of child immunization proof to schools
    • to enable access to decedent information by family members or others
  • Provisions addressing enforcement of noncompliance with the HIPAA Rules due to willful neglect
  • Adopts changes to the HIPAA Enforcement Rule to incorporate the increased and tiered civil money penalty structure provided by the HITECH Act
    • Four tiers of increasing penalty amounts that correspond to the levels of culpability associated with the violation
  • Final Rule on Breach Notification for Unsecured Protected Health Information under the HITECH Act
  • Final rule modifying the HIPAA Privacy Rule as required by GINA
    • Prohibits most health plans from using or disclosing genetic information for underwriting purposes