New HIPAA rule to be enforced next week

New rules covering HIPAA-covered entities — and carrying heightened penalties for failure to comply — will begin to be enforced on Feb. 22.

The changes to the Health Insurance Portability and Accountability Act were passed under the HITECH (Health Information Technology for Economic and Clinical Health) Act as part of the economic stimulus legislation last year.

The new rules impose a host of heightened requirements, including stricter notice requirements in the event of a breach of rules protecting patient care information. The rules also require individuals and the government to be notified in the event of a breach.

The law, which went into effect in September, imposes severe penalties including steep new fines, which can reach $1.5 million and were clarified in a recently-published interim final rule which went into effect on Nov. 30.

The government granted a compliance grace period until Feb. 22.