The US President Barrack Obama signed the American recovery and reinvestment act last month. This act is also known by the name of the stimulus package. But people are not aware of the changes, which this law will incorporate in the world of the security rules, which come under HIPAA or the health insurance portability and accountability act of 1996. Due to this change, all business associates should abide by the rules from now on and any kind of breach or misdemeanor should be reported and penalties should be implemented and damages should be claimed for any kind of violation of any of the rules.

The biggest change which has come about in the security rules of HIPAA is the number of organizations which come under the scrutiny of HIPAA or which will be known as covered entities under HIPAA. All the security rules, which will have to be followed by business entities, will also have to be followed by business associates. All business associates should also follow all the administrative, physical and technical safeguards, which come under the security rules of HIPAA. A security official will have to be appointed by every business associate and written procedures should be implemented and all the employees of the company should be trained in order to protect the privacy of the medical information of the patients. The data regarding the patients should be preserved in a safe and secure manner. A business associate can also be levied with all the civil as well as criminal liabilites, which are applicable to a covered entity under HIPAA.

The second change, which has been made under the security rules of HIPAA, is that every breach of security should be informed to the authorities. All covered entities and business associates under HIPAA should inform the concerned individual about any breaches in the privacy and security of their medical information. When the private medical information of a patient has been revealed to any outside source either intentionally or by accident, then the concerned person as well as the authorities should be notified immediately about the incident. The person can be notified either by regular mail or by e-mail depending on the preference, which has been stated, by him or her. When a security breach has taken place on a large scale, which means the details of 500, or more people have been revealed then a prominent media agency should also be informed about the leak in information. The department of Health and Human Services should also be notified of any breach in security and there is a separate individual website which has been opened in order to provide information regarding the breach in security of private information.

The penalties, which have to be paid in the event of a violation, have also been increased. The fine for every violation is $100 for every individual and it has been increased to $1000 for every individual. The fine which will be levied for willful neglect can be anywhere between $10000 to $250000.

Related Hipaa Posts

• June 1, 2010 -- Reasons medical businesses should comply with HIPAA regulations
• May 31, 2010 -- Increasing Computer Network Security for effective HIPAA Compliance
• May 29, 2010 -- HIPAA and the Internet: Intranet Collaboration Software requirements
• May 25, 2010 -- HIPAA Emails compliance – Safeguard your private information
• April 24, 2010 -- What Are HIPAA Laws?
• April 24, 2010 -- HIPAA: What is it?
• April 21, 2010 -- Complete HIPAA Guide
• April 19, 2010 -- Need for adherence to HIPAA regulations
• April 17, 2010 -- Problems in HIPAA compliance
• April 16, 2010 -- Queries on HIPAA training