HIPAA 2013 Impacts Employers As Well As Health Insurance Agents

Share Article

Total HIPAA reminds health insurance agents they can add value to their relationship with clients who sponsor a health plan by updating their clients on the need to meet new 2013 HIPAA Omnibus Rules

The HIPAA 2013 Omnibus Rule requires covered entities (employers), business associates (health insurance agents), and subcontractors to meet the same compliance and training requirements that guard employees Protected Health Information (PHI). Total HIPAA Compliance (http://www.TotalHIPAA.com) provides easy-to-use and cost-effective compliance materials and training for all three groups.

Total HIPAA discussions with health insurance agents at the September 28–October 1, 2013, NAIFA annual meeting in San Antonio, pointed out that many agents are not aware that their clients, who sponsor health plans, are defined by HIPAA as covered entities and must implement the law in their business. Jan Karn, President of Total HIPAA noted, “Unfortunately, it falls to the insurance agents to inform their clients with the news since many employer groups are unfamiliar with these regulations.“

One of the first things that covered entities must do is ask all business associates to sign an agreement (BAA) indicating they are compliant with the regulations of HIPAA. Total HIPAA has encouraged health insurance agents, who are classified as business associates, to send a signed business associate agreement to their clients even though the agreement should originate with the covered entity. This way the health insurance agency shows their commitment to protect the health information of the client’s employees and takes a proactive position to help their clients become aware of their responsibility.

“Many employers are not aware of their responsibilities and need guidance on where to start. Doing nothing is not an advisable strategy,” commented Ms. Karn.

Leon Rodriguez, Director of the Department of Health and Human Services’ Office for Civil Rights (OCR), announced on September 23, 2013 that Federal regulators are planning for a permanent HIPAA audit program beginning in 2014. Rodriguez said OCR is asking for a budget increase and will also use $4.5 million in collected HIPAA non-compliance penalties to help fund its audit program. (http://www.govinfosecurity.com/hipaa-audits-more-to-come-in-2014-a-6090)

In audits and breach investigations to-date, OCR has identified a lack of thorough risk analysis as the major stumbling block. Knowing where PHI can be exposed and correcting those potential breaches is a key step. Total HIPAA includes a risk analysis tool as part of the compliance materials.

“There is still time to meet the HIPAA guidelines,” Karn added. “Total HIPAA can provide you tools that guide you through the compliance process. There are significant fines and potential jail time if you don’t comply.”

ABOUT TOTAL HIPAA COMPLIANCE
Total HIPAA Compliance prepares health insurance agents, HR professionals, healthcare providers, business associates and their subcontractors to meet federally mandated 2013 Omnibus HIPAA compliance regulations. With more than 100 years of combined regulatory, educational, professional management and health care experience, our staff prepares and delivers easy-to-use, cost-effective, on line HIPAA compliance and training.
See more at: http://www.totalhippa.com

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Rob Karn

Rob Karn
@TotalHIPAA
since: 07/2013
Follow >
Total HIPAA Compliance

Visit website