Welcome to the HIPAA-HITECH Survival Center!

The Industry Radar HITECH Webinar is on Thurs, 1/28 – register here.

While our industry has been busy with 2009 enrollments and renewals and gnashing teeth over healthcare reform, a new law that is critical to healthpans, employers, brokers and other vendors – HIPAA/HITECH – has largely been ignored. This is a serious piece of legislation with serious enforcement ramifications that you all need to be taking very seriously.

As a broker, benefits consultant, TPA, benefits outsourcer or other related group who accesses PHI – welcome to the party – you are now bound by the same legal requirements and penaties that insurers and employers (“Covered Entities” or CE’s”) have been for the the last 6 years concerning privacy and security and more.

So some questions for our 3 main constituencies:

  • To our health insurer readers have you gotten all your BA agreements in place with employers and brokers?
    • Have you made any attempt to actually educate your BA’s on what they need to do?
    • For our “Covered Entities” the law is clear that an breaches that your BA’s cause are your problem as well, even if you do NOT know about them.
  • To our employers/plan sponsors have you gotten all your BA agreements in place with your brokers, consultants or service providers who touch PHI on your behalf in administering your plans?
    • Do you even know all the places in the organization where PHI is used for enrollment, billing, eligibility and plan servicing?
  • To our brokers and consultants do you even know what you need to do and that the law applies to all size businesses?
    • Do have a written plan in place and training and security procedures that meet the law’s requirement?
    • Do you have BA agreements signed with your clients, insurers and any vendors that you use that touch PHI like enrollment and admin firms?

Some general questions for you all:

  • Are you handling PHI using secure and encrypted communication? Your healthplans likely are already why aren’t you?
    • Did you know that the law grants “safe harbor” to breaches of encrypted information and encourages all parties to adopt an encrypted solution?
  • Did you know that the law requires a BA like a broker to report any PHI security breaches from their employer customers or face penalties themsleves?
  • Did you you know that any breach involving 500+ lives has to now be reported to the local media outlets directly? Imagine having to “tattle” on you customers in the media.
  • Are you aware that the State Attorneys General now have the ability to prosecute locally in addition to any penatlies levied by HHs? Imagine the politics of this one with an ambitious AG running for Governor or Senator and the ability to target local insurers on their errors.

In particular my research has shown that most brokers are not up to date on this law and what they must do to comply. Employers are also under informed and even some insurers seem less than on top of their responsibilities in informing their clients and brokers of what they collectively need to do.

You only have until 2/17/2010 to be in full compliance with the privacy,security and breach notification aspects of law or face major legal, fianancial and reputational risk for your business.

The resources on this page are here to help you and your team get up to speed quickly and get moving on all that needs to be done for compliance. Don’t delay this is not some silly ERISA change that never gets enforced. This law is the backbone of electronic health information and EHR’s so take it seriously, get you own house in order first and then focus on your clients and business partners.

Proven Solutions Ready to Go

The Industry Radar Business Network has partnered with a leading compliance and also the premier email encryption firm to create a turn key HITECH compliance solution for:

  1. Managing all the planning, policies, documentation and ongoing maintenance required by the HITECH law
  2. Deploy a fully HIPAA/HITECH compliant encrypted and secure email solution used by 19 million members from 4 of the top 7 health plans, 30 BCBS organizations and many,many more.

that can put you and your firm in compliance with all your “Covered Entities” and your own “Business Associates”.

We are implementing these solutions today for our broker clients and would encourage you to contact us to learn how we can help you quickly and cost effectively solve your HITECH compliance obligations.

Click here to send us an email and learn more.

Disclaimer: This page, its post and its references are not legal advice. Consult qualified counsel for any legal issues that concern you, your organization, or questions of compliance.

Explore posts in the same categories: brokers, Business, Employee Benefits, Healthcare, Healthcare Insurers, Healthcare Reform


You can comment below, or link to this permanent URL from your own site.

One Comment on “Welcome to the HIPAA-HITECH Survival Center!”

  1. You might want to check out my blog and also see a demonstration of a new solution for HIPAA HITECH compliance.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: