A major update to the Health Insurance Portability and Accountability Act went into effect this week, giving health care providers, insurance plans, self-insured employers, and a wide range of contractors and vendors just six months to implement the changes. The HIPAA omnibus final rule, which enacts changes outlined in the 2009 Health Information Technology for Economic and Clinical Health Act went into effect Tuesday. But federal regulators have given covered entities and business associates six months, until the end of September, to comply before they start enforcing the new rules.
"Many companies are not in the health care space generally and aren't at all prepared for what HIPAA requires. They do something that's only tangentially related to health – they administer email systems, or something like that," said co-chair of the Cybersecurity and Privacy Team Shannon Hartsfield. "Telling them they need to comply with HIPAA is sometimes a difficult message to deliver," said Ms. Hartsfield.
Please note that email communications to the firm through this website do not create an attorney-client relationship between you and the firm. Do not send any privileged or confidential information to the firm through this website. Click "accept" below to confirm that you have read and understand this notice.