The rules have recently been updated by the HITECH Amendment, including final guidance offered this year.
HIPAA regulations require all employers who offer group health insurance plans to develop and comply with procedures that ensure confidentiality and security when sharing or receiving protected health information (PHI). The rule applies to all forms of PHI, including paper, oral, and electronic.
We believe the top 5 most common mistakes around HIPAA today are:
- Noncompliance with security rules, such as sharing protected health information (PHI) over non-encrypted email or storing PHI on a non-encrypted laptop
- Neglecting to comply with HIPAA privacy rules when offering a medical reimbursement program or Health Reimbursement Arrangement
- Failure to update employees on required privacy/portability notifications, such as the Notice of Special Enrollment Rights to employees and individuals who have voluntarily terminated coverage
- Charging employees more for benefits based on a health status, such as being a smoker, without a HIPAA-compliant wellness program and disclosures in place
- For groups who are self-funded, failing to designate a privacy officer and have full policies/procedures for HIPAA compliance including ensuring that employees with access to PHI are fully trained
HIPAA rules and regulations can sometimes feel overwhelming to an organization. It is always a great idea to take a closer look at the way your organization follows the HIPAA guidelines and identify and/or fix areas that may violate HIPAA laws. We perform complimentary audits of an employer’s HIPAA practices – just contact us if that would be helpful.
To find FAQs or a summary of HIPAA rules and regulations, please visit www.dol.gov or www.hhs.gov. Fall River is always here to assist you!