HIPAA Omnibus Compliance Requires:
1. UPDATED Notice of Privacy Practices
2. NEW! Business Associate Agreement (BAA) between BAA and BAA’s subcontractors
3. UPDATED Breach Determination and Notification
4. UPDATED Marketing, Fundraising, and Immunization Records Guidelines
Compliance Date: September 23, 2013
Breach Notification Standards
- Educate staff so they are sure to report any actual or suspect breaches
- Inform patients on where to report a suspected breach. Publish on website.
- Log all activities whether breach or not.
- Follow OCR Breach Guidelines.
Patient Right to Access Record
- Educate staff on process for patient to request access.
- Provide alternative methods for patient access: via MyChart, CD, secure fax.
I encourage you to contact me with your questions.
Mary Johnson 612 716-8581 Email.