Just like many other laws in our country, HIPAA is always evolving. HIPAA is one of, if not the most important law regarding the safekeeping and dissemination of medical records. The past few years have brought about several changes, that in turn, required HIPAA to evolve.
Everything from the COVID-19 pandemic, new technologies, and even an increased reliance on telehealth have all brought some changes to this law. Whether you’re a patient or a provider, it’s critical to understand your rights, as well as what you can expect. Many changes are coming on the horizon, but it’s important to look at some of the most recent alterations.
What is HIPAA?
We’ve already written about HIPAA at length, but the simple answer is that HIPAA is a law that governs medical records. HIPAA was enacted in 1996 as a part of The Social Security Act. Its main focus is to regulate and protect sensitive health information.
It’s a strict set of guidelines that mandate everything from what information to protect, how to protect it, and how to share and destroy it. However, there are steep penalties for violating HIPAA regulations, often in the thousands of dollars for even a single violation.
Changes to HIPAA
There have been a few critical changes to HIPAA over the past few years. 2013 saw the first major piece of legislation when Congress passed the HIPAA Omnibus Rule. This rule was a change to the Health Information Technology for Economic and Clinical Health (HITECH) Act. This rule made several fundamental changes to the security, privacy, breach notification, and enforcement rules to account for new technology. It also expands the rules for certain businesses to comply with HIPAA or hold them directly liable.
21st Century Cures Act
In 2016, Congress passed the 21st Century Cures Act. In short, this piece of legislation aided in the sharing of information about medical research. Although not a direct change to HIPAA itself, it does govern how to share this data and protocols for data breaches.
2020 CARES Act
During the height of the COVID-19 pandemic, Congress passed the CARES Act to expand certain items that fall under the HIPAA purview. During the lockdown, many people were forced to visit their doctors virtually, while also struggling financially. New rules were enacted to slightly loosen the restrictions around personal health information (PHI), while also tightening the rules about notifications for data breaches.
This allowed patients to get the care they needed quickly, while also protecting them from data breaches. It also includes individuals suffering from substance abuse disorder (SUD) to get the help they need. It allowed for covered entities to be able to get patient information more readily.
2021 HIPAA Safe Harbor Law
This is the most recent change to the law itself. The 2021 HIPAA Safe Harbor Law encourages businesses and covered entities to improve or upgrade their cybersecurity measures. It mostly applies to the financial penalties that could be assessed in instances of data breaches.
The effects are two-fold. First, it encourages businesses to upgrade their security measures to the latest and most effective cybersecurity protocols. Secondly, it reduces the penalties and audit times for companies that can prove that “best practices” were followed in the event of a breach. The Department of Health and Human Services (HHS) is ultimately the body that will decide if these practices were followed.
Upcoming Legislation and Changes to HIPAA
Several proposed changes are coming for HIPAA. It’s unclear if they will pass still. In general, most of these changes aim at making patient health records more accessible and easier to share among entities.
Some of the proposed changes include:
- Allowing patients to inspect their PHI in person, or photograph relevant documents
- Changing the maximum time allotted to receive PHI from 30 days to 15
- Allowing patients to transfer PHI or EHR to third-party apps
- Allowing patients to transfer certain PHI and EHR at no cost
- Forcing companies to be more transparent regarding fees associated with PHI sharing
These are just a few of the changes that are on the horizon. It’s no surprise that technology and changes to the social fabric of the nation have motivated these revisions. As with most laws, they must evolve. HIPAA is no different, and these changes will undoubtedly not be the last.
Record Nations Can Help You Keep Up With All The Changes to HIPAA
Record Nations partners with the most innovative and secure medical record management companies in the United States. No matter what your business needs, we can partner you with the right company at the right price. All of our providers comply with the latest changes to HIPAA and the latest cybersecurity protocols.
Record Nations will help you find a professional document scanning and offsite storage service provider near you to digitize your records and keep a backup copy safe. Call us at (866) 385-3706 or fill out the form for a free quote on services in your area. We look forward to helping you keep your patient’s information safe and accessible.