AHIMA Releases Full Analysis of HITECH-HIPAA final rule

In an effort to direct HIM professionals to the sections of the HITECH-HIPAA omnibus privacy and security final rule that specifically impacts the HIM industry, and provide guidance on how to respond, AHIMA staff experts have posted a full analysis of the lengthy rule on AHIMA’s website. Click here for the analysis.

The final rule includes significant additions and modifications to HIPAA requirements, called for in the 2009 ARRA-HITECH Act, and the Genetic Information Nondiscrimination Act of 2008.

The rule covers a variety of HIPAA changes that affect many sectors of the HIM, health IT, and general healthcare industries. For example, the final regulations include changes to privacy and security breach notification and enforcement that previously existed as interim final rules. AHIMA’s analysis breaks down the rule by section.

The Department of Health and Human Services’ Office for Civil Rights posted the HITECH Act’s HIPAA modification final rule to the Federal Register on January 25 after several years of industry anticipation. The full final rule is available in the Federal Register here.

In addition to this analysis, AHIMA will hold a series of free webinars discussing the new privacy and security rules. The first, held on January 28, is available here.

Check the AHIMA website at www.ahima.org for details on future webinars and educational sessions regarding the HITECH-HIPAA final rule.


  1. I work for Verizon 23 years (since January 1990). I suffered a work-accident disability on November 2, 2009. I signed MetLife’s HIPAA form on November 16, 2009. MetLife’s HIPAA form was good for only 18 months (so it expired on May 16, 2011. I still have not returned to work due to work-accident disability and Verizon’s failure to offer an accommodation. Since 2011 MetLife has closed out my disability case 5 times. Since 2011 MetLife has only requested my doctor’s notes (Dr. Lippe’s notes) 3 times out of 11 reports; that violates ERISA. ERISA requires MetLife (and all insurers) to do a “full and fair” review. If MetLife only requested my doctor’s notes 3 times then MetLife is guilty! of not doing a “full and fair” review. The 3 times MetLife requested my doctor’s notes MetLife requested using an expired (defective) HIPAA form. MetLife last requested Dr. Lippe’s notes in September 2012 using an expired (defective) HIPAA form. MetLife closed out my work-accident disability in January 2013 saying on my answering machine that MetLife did not receive Dr. Lippe’s notes. Since at least May 2011, MetLife has broken the law (ERISA and HIPAA). MetLife is not requesting my doctor’s notes at Orlin and Cohen in Massapequa (only 3 times out of 11 reports); MetLife is using an expired (defective HIPAA form); MetLife has closed out my work-accident disability 5 times (all ready?). I have let not only Dr. Lippe and Orlin and Cohen aware; I have let MetLife aware (conscious) of MetLife violating ERISA, HIPAA and my rights repeatedly (by phone and internet). If MetLife is doing this to me and the government (by not following directions) MetLife may be doing this to tens of thousands of injured American workers. The government needs to do an ‘accounting of disclosures’ for me and others.

    Post a Reply
  2. Dear Tim, I see you’ve got a case here that would be more appropriate in the hands of the Office for Civil Rights , or OCR. I would google their website, and report your case to the appropriate authorities. HIPPA rules and timing of forms etc.. need to be reviewed by a privacy officer.

    Post a Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Share This

Share This

Share this post with your friends!