[ Wednesday, July 24, 2002 ]



More from HIPAAlive:

"July 24, 2002 -- In an exclusive interview this month with Theresa Defino, Editor of Ingenix's "Practical Guidance on HIPAA and E-Health for the Physician Practice" newsletter, Karen Trudel, director of the Centers for Medicare and Medicaid Services' (CMS) HIPAA project staff, says the final security rule will not be published in August as promised. Asked when she expects the final security rule to be released, Trudel said, 'It is probably going to be in the fall. It will be on the regs [publication] agenda for October. One of the things we are doing is making sure that privacy and security are linked. We definitely need to take another look at it, in light of the private [sic] rule modifications, before it goes out the door.'

"Speaking with Health Data Management on July 22, Stanley Nachimson, senior technical advisor in CMS, said, 'I would not expect to see it in August.' Nachimson is part of the team within HHS responsible for promulgating HIPAA administrative simplification rules. Nachimson declined to say when the rule would be published or why it could be further delayed. The rule remains in the clearance process, he adds."

I knew they wouldn't get to it in August. The big question is will they get it out before the Privacy Rule becomes final in April? It's not impossible, but it is hard to imagine getting your operations completely compliant with the Privacy Rules while not even knowing what the final Security Rule will look like.

I would not be surprised if the Privacy Rule deadline softens. It won't go away entirely, but my prediction is that enforcement is limited. Most likely, HHS will say that everyone must still comply with the Privacy Rule by April 2003, but that OCR won't punish anyone who violates the regulations prior to December 2003. OCR will work with offenders in the meantime (if they actually discover any, of course), but won't sanction them.

Hey, you heard it here first.

Jeff [10:19 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template