Search the News

News Today's News Search the News Benefits in the News By Date By Subject Newsletters By Date Subscriptions Press Releases By Date By Company Post a Press Release   Discussion Message Boards Home Latest Messages Log In Register Q&A Columns     Events All Upcoming Events By Date By Title By State By Sponsor Prerecorded Webcasts By Date By Title By Sponsor New or Changed Events Post an Event   Authorities Research Guides Using the Web for EB Research Employee Benefits Research Guide Applicable Federal Rates Inflation-Adjusted Limits Audit Guidelines IRS EP Examination Guidelines DOL Compliance Assistance Department of Labor EBSA Enforcement Manual Compliance Assistance Laws and Regulations Technical Guidance   (Exemptions and Interpretations) Internal Revenue Service Practitioner Resources Published Guidance I.R. Bulletins Correcting Plan Errors Examinations & Enforcement PBGC Interest Rates Opinion Letters Regulations Federal Register Contents Today's Edition Laws and Regulations ERISA Internal Revenue Code Regulations (IRS, DOL and PBGC) United States Code Index Search Court Decisions Congress Congressional Record Joint Comm. on Taxation Pending Legislation     Jobs Newest Jobs Résumés Post a Job Post a Résumé   Directory Vendor Directory Software Directory Pay by Credit Card   About Us Advertise Your Company Recommend a Link Satisfied Customers Contact Us About Us

Benefits in the News > By Subject > Health plan admin - HIPAA View Recent Headlines Now Viewing Excerpts and Recent Headlines [Guidance Overview] Audits Heat Up HIPAA Liability: What to Do Now to Mitigate Risk "In November 2011, the Office for Civil Rights (OCR) began audits to assess compliance with the HIPAA Privacy, Breach Notice, and Security Rules. The OCR compliance audits will be conducted by KPMG LLP and generally will consist of an initial document request, an onsite visit by the auditors, and then negotiation of an audit report." (Poyner Spruill) [Guidance Overview] IRS Updates Form 8928 for Self-Reporting of Excises Taxes Owed for PPACA Failures "PPACA created several new reporting and compliance standards for plans and employers. The [chart in this document] lists some of those new requirements and their effective dates. Failure to meet any of these must be reported on Form 8928 starting in 2012 as of the due date of the employer's federal income tax return. In general, the penalty assessed under Code ? 4980D is $100 per day, per affected participant for as long as the plan is non-compliant." (Faegre Baker Daniels) First HIPAA Enforcement Action Against a Business Associate (and the Plot Thickens with Transparency Demands) "On Jan. 19, 2012, in the wake of the theft of an unencrypted laptop computer containing approximately 23,500 patients' records, the Minnesota attorney general brought the first formal enforcement action against a business associate, Accretive Health, Inc., for an alleged violation under [HIPAA], using her authority under the [HITECH] Act. Additionally, the attorney general appears deeply unsettled by the amount of information that Accretive Health collected about patients without the patients' knowledge, alleging that this lack of transparency represents deceptive and fraudulent practices under Minnesota law." (Davis Wright Tremaine LLP) [Guidance Overview] Ninth Circuit Holds That Federal HIPAA Preempts Montana's 'Little HIPAA' Law "Due to preemption of the state law, the state law claim was defeated on its merits. The court, however, noted that it was not expressing an opinion as to whether its holding would apply to a state HIPAA-type statute that provided additional protection beyond the federal HIPAA statute." (Haynes And Boone) HIPAA Audits Come with Short Turnaround Times "[HHS] has begun a pilot program of HIPAA privacy and security audits for health care providers and health plans, and the audits will have some very short turnaround times." (The Bureau of National Affairs, Inc.) [Guidance Overview] Office of Civil Rights to Conduct HIPAA Compliance Audits "According to a recent survey, a majority of health care organizations are not fully prepared for the federal audits that will test compliance with HIPAA privacy and security rules. Of the more than 400 survey respondents, less than 20 percent indicated they were fully prepared for OCR's HIPAA compliance audits." (Snell & Wilmer L.L.P.) [Guidance Overview] HHS Commences HIPAA Pilot Audit Program "The vast majority of covered entities and business associates will not be audited in 2012, but they can expect the audit program to provide lessons on compliance risks and best practices. They will likely need to update their staffing, policies and procedures, training, and business associate agreements accordingly. They may also gain insight into the audit methodologies and begin preparing for potential audits in 2013 and beyond." (Cooley LLP) [Guidance Overview] Update on Fiscal Year Health FSAs and the $2,500 Limit "On January 10, 2011 I posted about how employers with health FSAs that follow a fiscal year might comply with the $2,500 deferral dollar limit going into effect on January 1, 2013. This post updates and corrects the earlier post as follows: Notice 2012-9, which provides updated guidance on Form W-2 reporting of the value of group health care, exempts most health FSAs from the reporting requirement. The specific exemption applies to health FSAs that are exempt from HIPAA because they are funded entirely by employee salary deferrals, or because any employer contribution is $500 or less." (E is for ERISA) [Guidance Overview] HHS Adopts HIPAA Transaction Standards for Health Care Electronic Funds Transfer and Remittance Advice "HHS confirmed that a health plan may rely on its financial institution to translate payment instructions into the new file format requirements without the financial institution necessarily becoming subject to HIPAA's requirements. But, as the preamble warns, the health plan, and not its financial institution, will be ultimately responsible for compliance." (Thomson Reuters/EBIA) [Guidance Overview] Court Imposes Statutory Penalties for Failure to Send COBRA Election Notice to Employee's Last-Known Address "This case illustrates the importance of making sure accurate information from employment records is communicated by the employer to its TPA. It was not clear in this case whether the TPA accessed the employer's employment records system when it prepared the COBRA notice, nor was it clear whether the notice mailed by the TPA was actually returned as undeliverable." (Thomson Reuters/EBIA) [Official Guidance] Interim Final HHS Regs: Adoption of Standards for Health Care Electronic Funds Transfers and Remittance Advice (PDF) "This interim final rule with comment period implements parts of section 1104 of the Affordable Care Act which requires the adoption of a standard for electronic funds transfers (EFT). It defines EFT and explains how the adopted standards support and facilitate health care EFT transmissions. . . . These regulations are effective on [the date of publication in the Federal Register, expected to be January 10, 2012]." (U.S. Department of Health & Human Services) HIPAA Audits of 150 Plan Sponsors and Employers to Make Sure Employee Health and Financial Records Adequately Protected "Work began late last year, with 30 of the planned 150 audits beginning in November, with the remainder taking place through the end of this year. The audits -- selected by the Office of Civil Rights -- will include companies of all sizes and types of industries and be conducted by New York-based KPMG, an international financial and auditing firm." (Human Resource Executive Online) 2011 Saw Surge in HIPAA Compliance Issues "According to a recent Ponemon research study, data breaches alone have risen by 32%. Ninety-two percent of all healthcare institutions report they've experienced one in the past two years, and each such incident costs an average of $2.2 million." (Forbes.com LLC) TAA Extension Act Includes Health Coverage Provisions "[The Trade Adjustment Assistance Extension Act of 2011] retroactively increases the health coverage tax credit and extends COBRA periods for eligible TAA program participants and certain Pension Benefit Guaranty Corporation . . . payees. President Obama signed the act into law on October 21." (Towers Watson) HIPAA Audits Come with Short Turnaround Times "The planned timeline for the audits is aggressive. As described by HHS, an audit notification letter describing the initial documents and information to be turned over will be sent to a covered entity. The covered entity is then expected to provide the documents and information within 10 business days." (Perkins Coie LLP) HHS Website: HIPAA Privacy & Security Audit Program "The audit program serves as a new part of OCR's health information privacy and security compliance program. OCR will use the audit program to assess HIPAA compliance efforts by a range of covered entities[.]" (U.S. Department of Health & Human Services) [Guidance Overview] HHS Rolls Out HIPAA Audit Program "The Pilot Audit Program will include only HIPAA-covered entities, i.e., health care providers, health plans and health care clearinghouses, and not their business associates, but OCR stated that business associates would be included in future audits." (McDermott Will & Emery) [Guidance Overview] HHS Announces Immediate Start to HIPAA Audit Program (PDF) "The audit program will be run through the HHS's Office of Civil Rights . . . and will examine a wide range of covered entities, including group health plans." (Kelly, Hannaford & Battles P.A.) [Guidance Overview] Have the 'HIPAA Police' Finally Arrived? HHS Launches Formal Audit Program "The action is not unexpected; the American Recovery and Reinvestment Act of 2009 ('ARRA') required OCR to conduct the audits. However, the announcement, along with ARRA's increased penalties for not complying with HIPAA, may cause covered entities and business associates to refocus on HIPAA's requirements." (Quarles & Brady LLP) [Guidance Overview] HHS Launches Audit Program to Assess HIPAA Compliance "The [HHS Office for Civil Rights] is conducting audits of covered entities, including health plans, in a pilot program that begins November 2011 and will continue through December 2012." (Practical Law Company) [Guidance Overview] HHS to Begin HIPAA Privacy and Security Audits in November 2011 "The description of the pilot program emphasizes the benefits that may come from an increased understanding of why breaches occur and a sharing of best practices. But these audits can still lead to compliance reviews, resulting in monetary settlements or the imposition of civil money penalties." (Thomson Reuters/EBIA) HHS Announces Immediate HIPAA Audit Initiative "The audit will focus on the HIPAA privacy and security requirements. The OCR will select a broad range of entities, including health plans and health care providers of all sizes. HIPAA audits begin immediately." (Constangy, Brooks & Smith, LLP) Important word about authorship: BenefitsLink® (BenefitsLink.com) provides this page for you, containing selected hypertext links to pages on the web that our editors think will be useful or interesting to you. But BenefitsLink is not the author or publisher of those linked pages (except as expressly indicated). You should contact directly the author of any such linked pages for copyright or other information about their contents. Webmaster: Dave Baker (click)   ·   © 2012 BenefitsLink.com, Inc. (contact the webmaster for reprint permission)   ·   Linking: Feel free to link directly to this page, even without specifically crediting BenefitsLink ® as its source. Glad you're here!   ·   Privacy Policy