Overview: The Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules and the enforcement provisions surrounding them are of paramount importance to HR.
HIPAA's Privacy Rule sets standards for the protection of certain health information and addresses the use and disclosure of individual health information, more commonly known as protected health information or PHI. The objective of the Privacy Rule is to protect the privacy of medical information while, at the same time, allowing the flow of necessary information to provide high quality health care.
While the Privacy Rule deals with the use and disclosure of PHI, HIPAA's Security Rule establishes standards to protect an individual's electronic protected health information, or ePHI. The Security Rule attempts to ensure the security of ePHI through the use of administrative, physical and technical safeguards and applies only to electronically transmitted or stored PHI and not to oral or written PHI.
The Health Information and Technology for Economic and Clinical Health Act, or HITECH Act made significant changes to HIPAA's Privacy and Security rules in the areas of enforcement provisions, notification of breach requirements, access to electronic health records and the definition of business associate.
Trends: A major provision of the HITECH Act is to improve enforcement of HIPAA violations. The Department of Health and Human Services Office for Civil Rights (OCR) has stepped up its enforcement of compliance with the privacy, security and breach notification rules in this regard.
Tracy Morley, SPHR, Legal Editor
The US Department of Labor's Employee Benefits Security Administration (EBSA) published two compliance tools to help employers see if their health plans comply with the requirements of Part 7 of the Employee Retirement Income Security Act (ERISA).
The US Department of Health and Human Services (HHS) announced a settlement with Hospice of North Idaho (HONI) for alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. The settlement is the first settlement involving a breach of electronic protected health information (ePHI) affecting fewer than 500 patients.
On January 17, 2013, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released its long-awaited Omnibus Rule containing modifications to the Privacy, Security, Enforcement and Breach Notification Rules under the Health Insurance Portability and Accountability Act (HIPAA).
Employers need to do everything they can to minimize claims by employees and the government. This section assists HR professionals in implementing proper policies and procedures, and understanding where the greatest risks lay and what the federal government's major enforcement initiatives are.
Updated audit protocols from the DOL's Employee Benefits Security Administration include a review for compliance with the Affordable Care Act (ACA), the Genetic Information Nondiscrimination Act (GINA) and wellness plans. Based on the change in audit protocols, it seems that the EBSA is increasing its review efforts, with a particular focus on compliance with the ACA.
In Roberts v. Careflite, the Texas Court of Appeals ruled that an employer may be able to take adverse action against an employee based on social media activity if the posting does not concern protected concerted activity.
In EEOC v. Thrivent Financial for Lutherans, the 7th Circuit rejected the EEOC's contention that the ADA requires employers to keep all employee medical information learned by an employer in response to a job-related inquiry confidential.
An employer may use this form to obtain release from an employee to contact the employee's health care provider in circumstances where the FMLA permits. This form will ensure that employers remain compliant with the Health Insurance Portability and Accountability Act (HIPAA).
XpertHR now offers a comprehensive set of resources to help employers manage the complex and extremely challenging interplay of the FMLA with countless other leave-related laws.
This chart is a brief introduction to the FMLA's interplay with state and federal law, and summarizes many of the questions and issues that arise under various employment laws and obligations when employees seek, take and return from FMLA-type leaves.
HR Guidance on HIPAA compliance - in particular, the HIPAA Privacy Rule and HIPAA Security Rule, and other HIPAA requirements.
Sorry, this feature is not yet available on the preview site