06 May Microsoft addresses changing HIPAA regulations
For healthcare organizations to best serve their patients, they must adhere to certain industry regulations. However, the U.S. Health Insurance Portability and Accountability Act (HIPAA) recently underwent some changes that could have an effect on hospitals that neglect to update their systems. Microsoft recently announced that it has made adjustments to its HIPAA Business Associate Agreement (BAA) to ensure their customers in the medical field and beyond remain compliant.
Compliance becomes critical
Microsoft stressed that meeting HIPAA standards is an essential component of its cloud offerings, and as such the updates, which cover Office 365, Microsoft Dynamics CRM Online and Windows Azure Core Services, cater to the final omnibus rule that went into effect on March 26. The ruling will have a major effect on what constitutes privacy and security compliance in the healthcare sector.
One major aspect of the HIPAA changes is the redefinition of what constitutes compliance in light of a data breach, HealthcareITNews noted. Jorge Rey, an associate principal and the director of information security and compliance for Kaufman, Rossin & Co., told the source that the most significant differences revolve around breach notification rules, which used to presume providers innocent of causing harm until other evidence was presented. New HIPAA regulations raise the stakes, with healthcare providers assumed to be guilty first. Practices will need better IT solutions than ever because once an accident occurs, they will need to prove their innocence.
Additionally, Rey pointed out, business associates are included under this rule, which could catch companies off guard. The new standards will go into full effect this September. Until then, enterprises may operate under the previous set of rules.
In anticipation of the new challenges healthcare organizations and their service providers will face, Microsoft has ensured these organizations have what they need to remain in good stead with the law and patients alike, all while reaping the important benefits that cloud computing technologies offer.
"Team communication and collaboration is the lifeblood of the health industry, and more and more healthcare organizations are realizing the productivity, care team communications and cost-savings benefits of cloud computing," said Dennis Schmuland, chief health strategy officer of U.S. Health & Life Sciences at Microsoft. "Microsoft Office 365 is the only major cloud business productivity solution to programmatically offer a BAA built with the industry, and for the industry, to HIPAA-regulated customers, allowing healthcare organizations to be confident in the security and privacy of their patient data while empowering their staff to communicate and collaborate virtually anytime and almost anywhere."
Forbes contributor Dan Munro stressed that the new HIPAA regulations stand to have a profoundly positive effect on healthcare providers and the people they serve, despite the high costs of compliance (between $114 and $225 million in the first year and $14 million in the following ones). The medical industry, he wrote, has traditionally been a prime target of identity thieves and has shown "deficiencies" in years past.
Of course, to meet new challenges, medical practices will need the right IT solutions. By motivating organizations to operate more safely and compliantly in the cloud, the more stringent regulations may improve operations to guarantee patient safety and, ultimately, help healthcare institutions meet regulations more effectively. As long as IT innovators are there for support, success is possible.