In case you missed it, The Centers for Medicare and Medicaid Services’ (CMS) Office of E-Health Standards and Services is delaying its enforcement of operating rules under the Health Insurance Portability and Accountability Act (HIPAA) until April 2013.
The Patient Protection and Affordable Care Act (PPACA) required the Department of Health and Human Services (HHS) to adopt a single set of operating rules for each HIPAA transaction standard to improve its utility and reduce administrative costs. The purpose of the operating rules was to make the application of the HIPAA standards more consistent and efficient. The rules took effect on January 1, 2013 for HIPAA-covered entities.
According to CMS, HHS is delaying enforcement in order to reduce the potential disruption to the healthcare industry. Feedback from the industry indicates that HIPAA-covered entities have not reached a level where a majority of covered entities would be able to be in compliance with the operating rules on January 1, 2013.
Nonetheless, if an entity is the subject of a complaint, it will be required to provide evidence of its compliance or a good faith effort to become compliant before the new April deadline.