It's a brave new world out there for business associates (BA). BAs needed to comply with the HIPAA Security Rule and the use and disclosure provisions of the Privacy Rule in February 2010 as a result of the HITECH Act. However, the Office for Civil Rights (OCR) held off on any enforcement activities-that is, until recently.
So what's it like from the HIM professor's point of view? We catch up with 37-year professor Anita Hazelwood, RHIA, FAHIMA, program director of HIM at the University of Louisiana at Lafayette.
This article is based on the results of MRB's quarterly benchmark survey. This month, we chose to survey respondents on EHR implementation and challenges.
Imagine a hospital as a sentient being that holds within it all things necessary to heal you from illness or injury. The HIM department, or medical records department, is this being's memory. Without it, there would be no continuum of patient care. Sometimes, it's the hospital's memory that serves to produce an otherwise overlooked diagnosis.
Also known as the "mega rules," the omnibus final rules are clarifications and finalizations of the HIPAA rules of 2003, the HITECH rules of 2008, and the incorporation of the Genetic Information Nondiscrimination Act (GINA) rules into the Privacy and Security rules. These are not sweeping changes, as many describe, but clarifications. In most cases, what are now final rules are best practices that organizations should already be following.
Eleven years ago, when hospitals and other healthcare facilities were on the cusp of the new HIPAA Privacy Rule, Kathleen A. Frawley, JD, MS, RHIA, FAHIMA, spoke words that were prophetic.
