Protecting Health Information Should Be a Top Priority
Lisa Pierce Reisz, a partner in the Vorys Columbus office, and Stephanie Angeloni, an associate in the Vorys Akron office, authored an article about HIPAA compliance for the May 13, 2013 edition of Crain’s Cleveland Business. In the article, the authors outline the tasks that employers that deal with protected health information must complete to be in compliance with the new omnibus HIPAA rule. The authors also indicate that the risks associated with not complying are high.
The article states:
“Multimillion-dollar civil monetary penalties, onerous consent decree obligations, random Office of Civil Rights audits and the empowerment of state attorneys general all show just how serious things are about to get.
Covered entities, which include health care providers and employee health plans, should be actively reviewing and updating their HIPAA compliance plans and their business associate agreements to ensure timely compliance.
Business associates, entities that provide services for or on behalf of health care providers and employee health plans — and their downstream vendors and subcontractors — must do the same.
This is a new requirement for many businesses, which now have HIPAA compliance obligations. HIPAA's expansion to include downstream subcontractors may be an unknown regulatory disaster for many who are completely unaware of their newfound obligations to safeguard health information privacy. And, they are at considerable financial risk if they don't.”
To read the entire article, visit the Crain’s Cleveland Business website. (Subscription may be required).