Publications on HIPAA and HITECH Rules and Regulations

Staying compliant with HIPAA rules and regulations can be challenging for many privacy officers and organizations. To help you stay informed, the HIPAA compliance team at Strategic Management has compiled the publications listed below.

Many of these publications have been written by our team of HIPAA compliance consultants, so if you have a question you need answered, please contact us today. You can reach our lead HIPAA compliance consultant, Catie Heindel, by calling (847) 256-2323, or you can click here to fill out our online contact form.

HIPAA and HITECH Compliance Publications and Resources

  • HIPAA Enforcement Highlights (Slideshow)
    Increased security, privacy, and breach enforcement activity by the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) means your organization needs to have all the right safeguards in place. Watch the slideshow to learn where other organizations went wrong and what your organization can do.
  • Meeting the Privacy Officer Challenge: Outsourcing Might Be the Answer
    The HITECH Act requires covered entities, such as hospitals, to report PHI breaches to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR). Outsourcing the privacy officer function is one solution for organizations with existing Security Officers needing support or lacking the personnel who can meet the responsibilities of the position. If your organization is struggling to handle the challenges of an effective privacy program, the increasing responsibilities under the HITECH Act, and mitigating the serious consequences from privacy violations or security breaches, then this article is for you.
  • The Relationship of Privacy Provisions in the Stimulus Bill to Health Information Technology
    Health Insurance Portability and Accountability Act (HIPAA) rules were affected by the provisions within the American Recovery and Reinvestment Act of 2009 (ARRA) that are associated with health information technology and electronic medical records. Reading this article will provide you with an overview of some of the new health information technology issues as well as certain patient privacy issues that may arise for health care entities.
  • Preparing Organizations for OCR Audits and HIPAA Compliance Reports
    The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has enacted plans to assess covered entities’ compliance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. This brief will provide guidance for covered entities wishing to prepare for OCR audits. More specifically, this publication examines the findings of the HHS OIG’s HIPAA Compliance Report to help providers understand their vulnerabilities as they relate to the HIPAA Security Rule. Read this article to learn about OCR’s Audit Program, strategies to prepare for it, and how to stay compliant with the HIPAA Privacy and Security Rules.
  • Red Flag Rules
    Red Flag rules require hospitals and other health care providers to develop and implement a written identity theft prevention program for detecting, preventing, and mitigating identity theft. Failure to comply with these rules can lead to civil monetary penalties and regulatory enforcement action. This publication concentrates on a summary of these Red Flag rules and how they may affect health care entities like your own.
  • HIPAA Electronic Transaction Standards: Is Your Organization Ready?
    HIPAA electronic transaction standards have been adopted by the HHS to facilitate their “ongoing transition to [transform into] an electronic health care environment.” These standards were announced in a final rule and impact health care entities such as health plans, health care clearinghouses, and health care providers with regard to the electronic submission of health care transactions. This article offers you an overview of HIPAA’s electronic transaction standards and examines how these standards will impact health care organizations.
  • AIS: Major New HIPAA Requirements: How to Comply With Strong Privacy and Security Measures Signed by President Obama
    The American Recovery and Reinvestment Act contained several HIPAA and HITECH provisions that affected the regulation of the privacy and security of health information. Health care providers who want to remain in compliance with these new measures must take action now and prepare for the future as this next phase of HIPAA regulation and enforcement goes into effect. This brief will address many of the key provisions from the ARRA and what your organization may need to do to stay HIPAA and HITECH compliant.
  • Privacy Matters: Creating a Systematic Investigation and Reporting Process for Privacy Complaints
    Regulations concerning the privacy and security of protected health information (PHI) have become increasingly important for health care organizations. HIPAA and HITECH compliance reviews by the HHS and OCR are expected to exceed 150 health care entities, and potentially their business associates. Inadequate safeguards to protect PHI can lead to increased government scrutiny and fines, so having a defined process for protecting PHI and reporting breaches in accordance with the HIPAA Privacy and Security Rules and the HITECH Act is essential. Read this article to learn more about how your organization should prepare for OCR audits by establishing internal privacy and security investigations, conducting risk assessments, and reporting breaches in accordance with HIPAA and HITECH regulations.
  • Managing risks when implementing the new EHR disclosure accounting requirements of ARRA
    The ARRA introduced a number of provisions affecting HIPAA and HITECH requirements. One of the most significant additions was the new EHR disclosure accounting requirements that must be implemented. Read more about how these EHR disclosure requirements may result in increased penalties and what your health care organization needs to do to stay in compliance.

Get More Information

The Strategic Management team has been helping organizations with HIPAA compliance issues since the initial draft of the Security and Privacy Rules. The Firm offers HIPAA advisory services, training materials and courses, assessments, interim Privacy Officers and Security Officers, and more.

If you have any other questions or would like more information, you can call Catie Heindel, our lead HIPAA consultant, at (847) 256-2323 or you can click here to fill out our online contact form.
