40% OFF Sale through January 23: COVID Clinical Best Practices. Use "CLINICAL40" coupon code in your shopping cart.

HIPAA changes 2020HIPAA Changes 2020: HHS Privacy and Security

Since 2013, there hasn’t been any significant changes to HIPAA, however there have been proposed changes. The Department of Health and Human Services (HHS) recently announced that they are revisiting previously proposed changes to security and privacy regulations in 2020. HIPAA changes 2020 is discussed below.

HIPAA Changes 2020: Civil Monetary Penalties

When a healthcare organization violates HIPAA privacy or security requirements, they are often required to pay civil monetary penalties (CMPs) to the HHS’ Office for Civil Rights (OCR). Under the current regulations, CMPs are not paid to individuals affected by a HIPAA violation. Individuals do not receive monetary compensation because HIPAA does not allow individuals affected by HIPAA violations to file lawsuits to recover damages. Some states allow patients to file lawsuits, but they cannot file at the federal level.

One proposed HIPAA change in 2020, is to allow individuals harmed by a HIPAA violation to seek monetary relief. Individuals affected by HIPAA violations (particularly those that have had their Social Security numbers or financial information exposed), spend significant time and money recovering from the incident. The only compensation victims receive at present is free credit monitoring and identity theft protection.

Although this is helpful in some cases, there are several instances in which HIPAA violations take months, or even years, to detect. In these cases, these services do little to help patients that have already had their identity or credit compromised.

HIPAA Changes 2020: Accounting of Disclosures

In 2009, the Office for Civil Rights proposed legislation to include electronic protected health information (ePHI) under the accounting of disclosures requirement. Under the accounting of disclosures requirement, patients have the right to request a list of entities that have had access to their protected health information (PHI).

However, this requirement does not extend to ePHI, only to access of paper records. Since ePHI is more widely used today, than when HIPAA was enacted in 1996, this change is long overdue. When the change was first proposed in 2009, it was met with backlash from providers and other HIPAA entities as it would significantly increase the number of entities listed in the accounting of disclosures. HHS has announced that they will add the amendment to the accounting of disclosures requirement to their agenda for 2020.

HIPAA Resources

Need assistance with HIPAA compliance? Compliancy Group can help! They help you achieve HIPAA compliance with Compliance Coaches® guiding you through the entire process. Find out more about the HIPAA Seal of Compliance® and Compliancy Group.

Get HIPAA compliant today!

Telehealth Training or Telemedicine Training?

If you are developing a hybrid telehealth model, now might be the right time to get serious about telehealth training. TBHI offers competency-based training from the convenience of your home or office Internet connection. Whatever your need, from basic telehealth to specialty topics, TBHI is the industry leader with online training to help you develop your evidence-based protocols, learn to be compliant with state, provincial and national laws, implement practical documentation shortcuts to legal and ethical compliance, and find the best technology to maximally protect your clients or patients.

Enjoy a step-by-step learning path that teaches you how to prevent as well as handle even the most difficult of clinical scenarios. All training is evidence-based and available online 24/7 through any device. Individual courses and webinars, as well as two micro certifications: