2024Fall
October 3, 2024
Proposed New HIPAA Changes 

Proposed New HIPAA Changes 

BY BELLINGER MOODY, RHIA, CPC, Chief Compliance & Privacy Officer, Coronis Health, North Augusta, SC 

Proposed New HIPAA Changes 

Share

As chief compliance officer (CCO) here at Coronis Health, I am committed to ensuring our organization stays ahead of the curve as it pertains to regulatory and compliance requirements. While recent HIPAA regulations have brought about minor adjustments, the anticipated end-of-year updates are expected to have a much greater impact on HIPAA compliance practices. These updates aim to bolster patient privacy, enhance data security, streamline access to health information and will ensure that we continue to provide the highest standard of care while safeguarding sensitive data.  

There has not been a major overhaul of Health Insurance Portability and Accountability Act (HIPAA) Rules since 2013, but that is about to change. On December 10, 2020, the Office for Civil Rights (OCR) issued a Notice of Proposed Rulemaking (NPRM), proposing major changes to the HIPAA Privacy Rule. Though the Final Rule is expected to be published in 2024, the exact date and effective date have yet to be provided. 

ENHANCED PATIENT ACCESS TO HEALTH INFORMATION 

Clearly, empowering patients with easier access to their health information is a priority for the OCR. The days of patients waiting weeks to receive their medical records are numbered. The proposed changes mandate that patients should have prompt electronic access to their health information. This is akin to online banking, where customers can instantly view their account statements, enhancing transparency and empowering patients to take charge of their health. 

STRENGTHENING PRIVACY AND SECURITY  

Data security is undeniably the most critical compliance risk area today. With cybercrime at an all-time high, it is imperative that healthcare organizations implement stringent security measures. Just as homeowners invest in advanced security systems to protect their properties, we must adopt cutting-edge technologies like advanced encryption and multi-factor authentication to safeguard patient data. These measures are not just about compliance; they are about protecting the trust our clients and patients place in us. 

SHARING OF HEALTH INFORMATION AMONG PROVIDERS 

In today’s interconnected world, seamless information sharing between healthcare providers is essential for optimal patient care. One of the objectives of interoperability is to eliminate so-called “data islands.” The proposed updates aim to standardize data formats and interoperability protocols, ensuring that critical health information flows smoothly between different systems. Think of it as different brands of smartphones using a common charging port—it simplifies the process and ensures compatibility, ultimately benefiting the patient through improved care coordination. 

REDUCING ADMINISTRATIVE BURDEN  

Healthcare compliance professionals have long grappled with the complexities of regulatory requirements. The proposed changes seek to alleviate this burden by automating compliance tasks and reducing redundant paperwork. This is similar to upgrading a manual checkout process to a self-service kiosk, making it faster and more efficient. By streamlining these processes, healthcare providers can focus more on patient care rather than administrative tasks. 

IMPROVED BREACH NOTIFICATION REQUIREMENTS  

Timely and effective communication in the event of a data breach is crucial. The proposed changes refine the rules on breach notifications, specifying more stringent timelines and clearer guidelines. Imagine receiving an instant alert on your phone when suspicious activity is detected on your credit card— prompt notification allows for swift action, minimizing potential damage. Similarly, quick breach notifications in healthcare ensure that patients and authorities are informed without delay. 

ADDRESSING EMERGING TECHNOLOGIES 

The healthcare landscape is rapidly evolving with the advent of telehealth services, mobile health apps, and AI driven tools. The proposed updates to HIPAA and the Health Information Technology for Economic and Clinical Health (HITECH) Act aim to ensure these new technologies comply with existing standards without stifling innovation. It’s like updating traffic laws to safely integrate electric scooters on city streets. These regulations ensure that while we embrace new technologies, we do so responsibly, protecting patient privacy and security. 

CONCLUSION 

Here at Coronis Health, we are committed to maintaining the highest standards of compliance and security. The proposed updates to HIPAA/HITECH are not just regulatory requirements; they are essential steps toward enhancing patient care and protecting sensitive health information. As we navigate these changes, we remain dedicated to providing top-notch service to our clients while safeguarding their patients’ data with the utmost integrity.  

As we move forward, let’s remember that these changes are about more than just compliance—they are about trust, transparency and the future of healthcare. 

https://www.hipaajournal.com/new-hipaa-regulations

Bellinger Moody, RHIA, CPC, is Chief Compliance & Privacy Officer for Coronis Health. With over 30 years of experience in the healthcare industry, he has assisted numerous healthcare organizations through complex compliance landscapes, ensuring they thrive in a rapidly evolving industry. Mr. Moody is a nationally recognized expert in the industry. He is a nationally Registered Health Information Administrator (RHIA) through the American Health Information Management Association (AHIMA), a nationally Certified Professional Coder (CPC) through the American Academy of Professional Coders (AAPC), a nationally Certified Compliance Professional (CCP) through the Healthcare Fraud & Abuse Compliance Institute, an AAPC Approved Professional Medical Coding Curriculum (PMCC) Coding Instructor and a member of the Medical Group Management Association (MGMA). He can be reached at bellinger.moody@coronishealth.com