Healthcare News & Insights

New HIPAA changes: Is your organization ready?

Privacy rule changes set to go into effect in 2010 could catch some health care staff off guard — and leave their organizations at risk. 

The changes extend HIPAA privacy and security requirements to associated businesses that handle patient health data and files.

But only about one-third of those businesses realized the new rules would cover them. That’s just one of the findings from a recent survey by the Healthcare Information and Management Systems Society.

Another shocker: 42% of those companies’ reps also didn’t know patients were guaranteed access to an electronic copy of their own records.

Unfortunately, a mistake on the part of a business associate can come back to haunt your own practice or hospital no matter how tight your own procedures are.

It’s not a bad idea to monitor how well vendors and business partners are handling their Health Insurance Portability and Accountability Act responsibilities — and to be prepared to either renegotiate contracts or find other partners if they aren’t living up to them.

Subscribe Today

Get the latest and greatest healthcare news and insights delivered to your inbox.


  1. Sean Smith says:

    Everyone keeps warning us about these new rules that are going into place but I have yet to see any concrete list of these new rules, how they apply, and how to follow them.

    Much like the original HIPPA act is something like 1208 pages, all it ends up saying is that we must take “reasonable measures” to keep patient information secure and and appropriately allow it to go to where it’s needed for proper medical treatment.

    What all of these fail to do is give us any straight forward information on what is considered “reasonable” and how we are expected to follow the rules.

    They are more than happy to tell us all about the fines, penalties, and repercussions but fail to tell us any useful information about what we actually need to do to properly “follow” these “rules.”