HHS Issues Rules Adjusting Penalties under the Patient Safety and Quality Improvement Rule for Inflation
The HIPAA Act of 1996 has set strict standards regarding a patient’s Protected Health Information (PHI) as a part of its Privacy Rule regulations. The Privacy Rule addresses all issues concerned with saving/accessing/sharing medical & personal information of an individual.
However, this is a very basic definition, as the realm of a Covered Entity implies to all Business Associates that are involved in accessing/sharing an individual’s medical health information. A Business Associate represents all persons or organizations that are involved in the direct functioning of a Covered Entity or act on behalf on a Covered Entity.
As required by the Federal Civil Penalties Inflation Adjustment Act of 1990 (Inflation Adjustment Act), the U.S. Department of Health and Human Services (HHS) issued both a direct final rule and a proposed rule today adjusting for inflation the maximum civil money penalty amount for violations of the confidentiality provisions of the Patient Safety and Quality Improvement Act. These confidentiality provisions are enforced by the Office for Civil Rights (OCR).
The Inflation Adjustment Act requires HHS to adjust for inflation the Patient Safety Act’s civil money penalty amount at least once every four years, beginning from the Patient Safety Act’s date of enactment, which was July 29, 2005. These rules adjust the maximum civil money penalty amount for a violation of the confidentiality provisions of the Patient Safety and Quality Improvement Act from $10,000 to $11,000.
The public has 30 days to comment on these rules. If no adverse comments are received, the direct final rule will go into effect 90 days after publication, and the proposed rule with be withdrawn. If, however, adverse comments are received during the comment period, the direct final rule will be withdrawn. For more information, visit the OCR web site at http://www.hhs.gov/ocr/privacy/.
The HIPAA Privacy Rule
The HIPAA Privacy Rule, also called the Standards for Privacy of Individually Identifiable Health Information, provides rules and guidelines for the use/disclosure of an individual’s health information.