In 2013 the U.S. Department of Health and Human Services (HHS) promulgated a new rule to strengthen privacy and security for health information created by the 1996 Health Insurance Portability and Accountability Act (HIPAA). HHS Secretary Kathleen Sebelius stated that “Much has changed in health care since HIPAA was enacted over fifteen years ago. The new rule will help protect patient privacy and safeguard patients’ health information in an ever expanding digital age.”
The rule enhanced patients’ privacy and rights to their health information, and it strengthened enforcement. HIPAA Privacy and Security Rules had focused on healthcare providers, health plans and other entities that process health insurance claims. The new rule extended compliance to healthcare providers’ business associates that receive protected health information. Non-compliance now carries fines up to $1.5 million per violation. The rule also strengthened Health Information Technology for Economic and Clinical Health (HITECH) breach notification, clarifying when breaches must be reported.
Healthcare staff must know the rules for accessing and storing protected information, how sensitive data must be handled, and how to react if a breach occurs. HIPAA policies and procedures give explicit compliance guidance. TelStrat’s Engage WFO call recording with automatic pause/resume control and CRM integration enables users to programmatically comply and provide required reporting for the HHS’s annual enforcement audits. Engage WFO enables healthcare providers with their covered entities and business associates to adhere to HIPAA policies and procedures.
For more information, download our guide on Achieving HIPAA and HITECH Compliance.