Loricca is proud to offer the new updated HIPAA Tool Kit in collaberation with Coppersmith Schermer & Brockelman PLC.

The Health Information Technology for Economic and Clinical Health Act (the HITECH Act) has triggered the need for health care organizations to make significant changes to their HIPAA Privacy and Security policies. The stakes are high: the HITECH Act substantially increased civil penalties for HIPAA violations, the federal government now has the resources for increased enforcement, and the Act provided authority to State Attorneys General to enforce HIPAA.

What will the New HIPAA Privacy and Security Tool Kit Cover?   Because the HITECH Act implementing regulations will be issued over time, the New HIPAA Privacy and Security Tool Kit will be issued in stages according to compliance priority:

• Breach Reporting Requirements: The Tool Kit contains a chapter with a detailed explanation of breach reporting obligations and a template breach reporting policy, breach reporting log, and patient breach reporting letter.
• Security Rule Compliance: The new Tool Kit includes a chapter on compliance with the HIPAA Security Rule and a discussion of how to “secure” PHI to meet the breach reporting safe harbor, drafted by the HIPAA security experts at Loricca’s Healthcare Solutions Group. Loricca will also make its entire library of over 100 security policies available at a substantial discount to Tool Kit purchasers.
• Business Associate Agreements: The Tool Kit contains a chapter on contracting with business associates, including an in-depth analysis of the allocation of breach reporting obligations, reporting to HHS, and the other new HITECH obligations. This will also include a template business associate agreement and a business associate policy.
• Genetic Information: The new Tool Kit includes a chapter on genetic information to reflect the regulations amending HIPAA to implement the Genetic Information Nondiscrimination Act (GINA).
• Other Privacy Rule Amendments: The new Tool Kit includes updated Tool Kit chapters, policies and documentation to reflect HHS regulations implementing the new HITECH requirements, including changes to the minimum necessary standard; allowing patients access to PHI in electronic format; withholding PHI from health plans where a patient pays in full out of pocket; changes to the marketing and fundraising provisions; accounting for disclosures from an electronic health record for treatment, payment and health care operations; and prohibitions against direct or indirect remuneration for PHI. Date of issuance: One month after HHS publishes final regulations on each topic.
• The Final Tool Kit: The final Tool Kit will integrate the content noted above, and will include a thorough compliance guide that includes in-depth discussion of all HIPAA Privacy and Security requirements; a complete set of policies and procedures to implement HIPAA Privacy requirements; and security forms, documents and other guidance to assist your organization in implementing the policies.