I have received several questions related to my “Standards of the month” column about history and physical (H&P) reports.
I thought it would be a good idea to clarify two specific issues these inquiries raised: 1) the requirements for H&P examinations for moderate sedation, and 2) allowing anesthesiologists to complete the update to the H&P report prior to surgery.
On July 8, HHS released a proposed rule to modify the HIPAA Privacy, Security, and Enforcement Rules, extending HIPAA compliance requirements to subcontractors of business associates (BA) and strengthening patient rights to health information privacy. The rule is available for viewing at http://edocket.access.gpo.gov/2010/pdf/2010-16718.pdf.
When HITECH was signed into law February 17, 2009, privacy and security officers predicted the provision that gives patients greater rights to accounting of disclosures on their electronic health records (EHR) would prove to be the most difficult.
The cost of failure to comply with the HIPAA Security Rule has significantly increased during the past few years. This cost is not related solely to regulatory changes; it is also associated with data loss and corruption, legal risks, and damage to business image. Many healthcare organizations relegate disaster recovery planning and disaster preparedness to the back burner. This represents a regulatory compliance concern and a significant risk to organizations.