If you work in the field of healthcare technology, it’s imperative that you stay up to date on the latest HIPAA requirements.
This can be a challenge. They were recently updated, which means the rules and regulations you’ve been abiding by may look slightly different than in the past.
From new incentives to the 2020 CARES Act, there’s a lot to know.
Here’s what you need to know about HIPAA compliance requirements in 2021 and beyond.
When Did HIPAA Requirements Change?
President Trump signed HR 7898 into law on January 5, 2021. In this document, several revisions and updates were made to help bolster cybersecurity and provide rewards for businesses that adhere to the rules.
Regulations under HIPAA, which stands for the Health Insurance Portability and Accountability Act, get updated about every three years. Seeing as the law came into effect in 1996—nearly 30 years ago—that means there have been plenty of revisions in the past.
Staying HIPAA compliant matters no matter which business you’re in. If you conduct business online, there are potential risks you could be taking that jeopardize client or employee information.
Some find it easier to hire an IT professional to make sure they’re taken care of. (Learn more about that by visiting https://www.generationix.com/it-services-los-angeles/.)
The 2021 HIPAA law amends the HITECH (Health Information Technology for Economic and Clinical Health Act) information contained within HIPAA.
The main focus of the law is that the U.S. Department of Health and Human Services must now consider penalties that law-abiding entities face. In the past, it hasn’t been as clear who would enforce such penalties or how they might go about it.
Namely, if a business or association stays HIPAA compliant, the new bill says that they may be able to avoid audits or get out of other sorts of legal trouble for sticking with the rules.
The rules reward consistent behavior, even for those who may have violated HIPAA in the past.
HIPAA Laws and the 2020 CARES Act
The 2020 CARES Act was signed into law on March 27, 2020, as a way to stimulate the economy due to the COVID-19 pandemic. But as is the case with most bills, items like citizens receiving stimulus checks were not the only thing on the legislation.
An example of that is how the HIPAA laws were adjusted to accommodate the Coronavirus pandemic. The CARES Act makes 42 CFR Part 2 better, ensuring that Americans get the help they need during the pandemic.
One specific example points to those suffering from substance abuse. Although health orders like social distancing and stay-at-home were in effect, the regulations said that people suffering from such an issue would still receive the treatment they needed.
Another COVID-19-related change ensures that families can get access to their primary care doctors. It acknowledges the disruptiveness of COVID and strives to help families feel safe and protected.
Cybercrimes and HIPAA
Today, the biggest threat to your data protection comes from hackers and cybercriminals. Most of our health records are now electronic, and a single breach could expose sensitive information.
Unfortunately, studies show the number of cyberattacks is higher than ever before. This is why new HIPAA regulations sternly focus on punishing people trying to do harm on the internet.
More severe penalties are now in place for those committing these types of crimes. And for healthcare providers, twelve months of your operations are taken into account when determining if you were negligent in protecting information.
The goal of this part of the bill isn’t to punish healthcare providers. It’s to incentivize them to take the necessary steps to avoid cybercrimes happening to them. This helps better protect client health records and keeps entities and businesses safe.
So, what’s changed that could be a drawback?
The goal of HIPAA is to ensure you have protected health information. Unlawful parties should not be able to access your health records or sensitive data without your express written consent. This is one area that could be potentially under threat due to the new HIPAA requirements.
For example, verbal consent is not the same as authorization. While consent allows for information to be given so that you receive treatment, it may not allow for information to be dispensed
Under the new HIPAA guidelines, it’s easier for some entities to obtain authorization. This could potentially put your information at risk from unlawful third parties or people online.
The risk is—hopefully—very low, but it does open doors that couldn’t open before.
Slow Release of HIPAA Rules
It is important to note that HIPAA rules do tend to change slowly. The last updates before the 2021 bill were seven years ago.
Of course, this is to protect the information that’s already there. It also gives lawmakers a chance to consider all angles before passing something that could be harmful.
The changes to laws also tend to reflect current healthcare technology. As things become more advanced, the laws must be changed to ensure that people are safe in new mediums.
For example, HIPAA regulations now take into account the mass number of healthcare providers using online portals. Information that’s sent and received over the internet has to be secured, and unsecured platforms like email are not supported.
Healthcare Technology and HIPAA
It’s important for any healthcare technology professional to understand the new HIPAA requirements signed into law on January 5, 2021. Much of what’s changed reflects the growth of the internet and digital landscape as well as the Coronavirus pandemic.
Knowing the new laws will better equip you to serve your clients or protect your healthcare business.