That toe-tapping you hear is the sound of healthcare compliance officers growing impatient over the long delay to finalize changes to the Health Insurance Portability and Accountability Act's (HIPAA) privacy and securities rules.
The pending rules date back to February 2009, when Congress enacted the HITECH Act in response to the growing reliance of IT systems in healthcare and the increasing number of data breaches of sensitive patient information. More than four years later, many of those HIPAA modifications, packaged together, have yet to be finalized and put into practice.
The HIPAA Omnibus Rule, formally known as “Modifications to the HIPAA ...