New HIPAA rules increase your liability: Here's how to comply

June 1, 2013

Dermatologists have until Sept. 23 to put into place internal policies and procedures needed to comply with sweeping changes coming to the Health Insurance Portability and Accountability Act (HIPAA).

Dermatologists have until Sept. 23 to put into place internal policies and procedures needed to comply with sweeping changes coming to the Health Insurance Portability and Accountability Act (HIPAA).

These changes are a big deal, says Pat Davey, M.D., chairman of the American Academy of Dermatology Practice Management Committee. Every day, someone loses personal information, whether that be a credit card or their Social Security number, he says.

“I’ve got the feeling that somebody’s going to get crucified on the privacy cross ... that’ll probably be your solo dermatologist who doesn’t have the resources to fight the federal government,” he says.

Driving many of the changes in the omnibus rule is the privacy debate, especially as it relates to electronic health records, Dr. Davey says. “The original HIPAA went into effect in 1996. And that relates more to how we handle records,” he says. “Now they’re tightening it up in terms of who has access to data ... and that’s the part that is aimed at the electronic records.”

The idea behind EHRs was to have federal information exchanges that would allow hospital systems, outpatient facilities and individual physicians to exchange patient information, Dr. Davey says.

“We do not know when this will happen. In my part of the world hospital systems are rolling out a common electronic record to the primary care doctors, giving hospital staff members electronic access to records and setting up secure texting networks,” Dr. Davey says.

Read more on what compliance will mean.