The Healthcare Insurance Portability and Accountability Act (HIPAA) plays a critical role in healthcare organizations and the main objective of (HIPAA) is to improve the efficiency and effectiveness of the health care system. HIPAA regulations were mainstream in 2020 due to COVID-19 testing, status, transmission, and care.
HIPAA the act was signed into law in 1996 with the original intention of helping more Americans gain health insurance coverage and ensuring that employees would not lose their health insurance if they changed jobs.
Patient-protected health information is getting safeguarded by the HIPAA act. Companies that deal with PHI must have physical, technical, and administrative security measures in place. Moreover, they need to follow those procedures in order to be considered in compliance with HIPAA.
HIPAA Omnibus Rule changes in 2013 were the last update to the HIPAA Rules, This update was introduced new requirements mandated by the Health Information Technology for Economic and Clinical Health (HITECH) Act.
It is natural that changes in HIPAA regulations are now long overdue as it has now been more than 7 years since there was a major update to HIPAA regulations.
According to HHS findings, HIPAA regulations are proving problematic due to changes in technologies or practices and now they are no longer as important as when they were signed into law. Hence the updates in HIPAA regulations are inevitable.
Let’s look at the updates in HIPAA regulations for 2021
OCR was focused on changing aspects of the HIPAA Privacy Rule that hinder the transformation to value-based healthcare and areas where current Privacy Rule requirements limit or discourage coordinated care.
The updates to HIPAA include easing of restrictions on disclosures of PHI that require authorizations from patients and several HIPAA changes to strengthen patient rights to access their own PHI. Moreover, HIPAA changes have also been proposed to reduce the administrative burden on HIPAA-covered entities.
However, the comment period for Proposed Rulemaking ended in February.
Now OCR will consider the comments and will issue a final rule, which may see HIPAA changes implemented in 2021.
There some proposed changes to the HIPAA Privacy Rule include strengthening individuals’ access to their own health information, facilitating greater family and caregiver involvement in the care for individuals, and access to their PHI during emergencies or health crises, and reducing administrative burdens on HIPAA-covered providers and health plans.
COVID-19 Pandemic led to some changes in HIPAA
Some flexibilities offered on a temporary basis which makes it easier to healthcare providers and business associates on the front line in the fight against COVID-19.
For example- HIPAA Rules remain in effect and the requirements of the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule remain unchanged.
However, enforcement of compliance may be eased during the sudden outbreak of disease.
To respond the COVID-19 pandemic three notices of Enforcement Discretion in 2020 and one in 2021 issued by OCR.
These notices will see penalties and sanctions for certain HIPAA violations waived for the duration of the COVID-19 nationwide public health emergency.
Moreover, OCR is waiving potential penalties for HIPAA violations by healthcare providers that provide virtual care to patients through everyday communications technologies during the COVID-19 nationwide public health emergency.