HIPAA News

Your #1 source for info about HIPAA, HIPAA compliance, HIPAA privacy and the latest HIPAA lawsuits

  • Home
  • Archives
  • Links
  • RSS Feed
  • Follow @hipaanews on Twitter
  • Follow HIPAA News on LinkedIn
  • Like HIPAA News on Facebook

Privacy and Security Rules are expanded by the American Recovery and Reinvestment Act of 2009

September 30, 2009 by Naomi Redding

ARRA-logo_300The American Recovery and Reinvestment Act of 2009 (ARRA) has some direct impacts and implications for HIPAA implementation and compliance. Individuals now have more rights regarding disclosure of their protected health information (PHI); the privacy and security provisions of HIPAA for covered entities and business associates are expanded as well. Not surprisingly, the ARRA also provides for increased enforcement and penalties for noncompliance.

So what are the big changes?

– Business Associates are now covered under and subject to HIPAA Privacy and Security Rules. Prior to the ARRA being enacted, only health plans and health care providers (covered entities) were subject to HIPAA. Who is a business associate? “A business associate is any person or entity who performs or helps perform a function or activity on behalf of a covered entity that involves the use or disclosure of PHI. Third-party administrators, utilization reviewers and attorneys who represent covered entities are among the parties who are frequently treated as business associates.” This becomes effective February 17, 2010.

– Individuals must now be notified if there is a security breach of their PHI within 30 days; the local press must be notified if there are more than 500 privacy or security breaches within the same geographic area. Logs must be kept and reported to HHS annually.

– When a complaint is made, the ARRA requires HHS to formally investigate a covered entity or business associate; regular audits for HIPAA privacy and security compliance are now required as well.

– It’s now more expensive than ever to pay for violations. Under ARRA, for violations of an identical requirement during the same calendar year penalties can range, depending on the type of violation, from $100 to $50,000 per violation, with a cap of $25,000 to $1.5 million per year.

For additional information, you can read more at http://www.stradley.com/newsletters.php?action=view&id=439

Share this:

  • Tweet

Related

Posted in: HIPAA News Tagged: American Recovery and Reinvestment Act of 2009, ARRA, HIPAA, PHI

Subscribe to new HIPAANews.net posts via Email:

Enter your email address:

Delivered by FeedBurner

RSS Latest HIPAA News from Around the Web

  • Texas court vacates HIPAA reproductive health privacy rule – TechTarget June 23, 2025
  • HIPAA Final Rule supporting reproductive health care privacy vacated by Texas district court – Lockton June 23, 2025
  • Healthcare Law Alert: Federal Court Ruling Vacates HIPAA Privacy Rule to Support Reproductive Health Care Privacy – Hancock Estabrook, LLP June 23, 2025
  • Texas Judge Vacates Abortion Privacy Protections – The HIPAA Journal June 23, 2025
  • HIPAA Risk Analyses For Digital Health: Navigating AI, M&A And Vendor Diligence – New Technology – United States – Mondaq June 23, 2025
  • Federal Judge Vacates Biden Administration’s HIPAA Rule on Reproductive Health Privacy – Mahomet Daily June 22, 2025
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule – The National Law Review June 20, 2025
  • Texas Judge Throws Out Biden Rule Protecting Medical Privacy on Abortion – Mother Jones June 20, 2025
  • Court Ditches HIPAA Reproductive Health Info Privacy Rule – BankInfoSecurity June 20, 2025
  • Tonic.ai Achieves HIPAA Compliance Certification, Ensuring Enhanced Security for Protected Health Information – Security Boulevard June 20, 2025

Recent Posts

  • General Data Protection Regulation (GDPR) Compliance
  • Doc Vader on ER Misuse
  • HIPAA Privacy Complaints
  • 2017 is Raising the Bar for Annual HIPAA Breaches
  • Ensuring Availability of HIPAA During Natural Disasters

RSS HIPAA Book Reviews

  • HIPAA video
  • 11 Years of HIPAA and it’s still not easy for consumers
  • HIPAA Checklists
  • Five Essential HIPAA Books for Beginners
  • Top 10 highest-rated HIPAA books for IT Managers

Copyright © 2025 HIPAA News.

Lifestyle WordPress Theme by themehit.com