AHIMA Releases Full Analysis of HITECH-HIPAA final rule

In an effort to direct HIM professionals to the sections of the HITECH-HIPAA omnibus privacy and security final rule that specifically impacts the HIM industry, and provide guidance on how to respond, AHIMA staff experts have posted a full analysis of the lengthy rule on AHIMA’s website. Click here for the analysis.

The final rule includes significant additions and modifications to HIPAA requirements, called for in the 2009 ARRA-HITECH Act, and the Genetic Information Nondiscrimination Act of 2008.

The rule covers a variety of HIPAA changes that affect many sectors of the HIM, health IT, and general healthcare industries. For example, the final regulations include changes to privacy and security breach notification and enforcement that previously existed as interim final rules. AHIMA’s analysis breaks down the rule by section.

The Department of Health and Human Services’ Office for Civil Rights posted the HITECH Act’s HIPAA modification final rule to the Federal Register on January 25 after several years of industry anticipation. The full final rule is available in the Federal Register here.

In addition to this analysis, AHIMA will hold a series of free webinars discussing the new privacy and security rules. The first, held on January 28, is available here.

Check the AHIMA website at www.ahima.org for details on future webinars and educational sessions regarding the HITECH-HIPAA final rule.


  1. I work for Verizon 23 years (since January 1990). I suffered a work-accident disability on November 2, 2009. I signed MetLife’s HIPAA form on November 16, 2009. MetLife’s HIPAA form was good for only 18 months (so it expired on May 16, 2011. I still have not returned to work due to work-accident disability and Verizon’s failure to offer an accommodation. Since 2011 MetLife has closed out my disability case 5 times. Since 2011 MetLife has only requested my doctor’s notes (Dr. Lippe’s notes) 3 times out of 11 reports; that violates ERISA. ERISA requires MetLife (and all insurers) to do a “full and fair” review. If MetLife only requested my doctor’s notes 3 times then MetLife is guilty! of not doing a “full and fair” review. The 3 times MetLife requested my doctor’s notes MetLife requested using an expired (defective) HIPAA form. MetLife last requested Dr. Lippe’s notes in September 2012 using an expired (defective) HIPAA form. MetLife closed out my work-accident disability in January 2013 saying on my answering machine that MetLife did not receive Dr. Lippe’s notes. Since at least May 2011, MetLife has broken the law (ERISA and HIPAA). MetLife is not requesting my doctor’s notes at Orlin and Cohen in Massapequa (only 3 times out of 11 reports); MetLife is using an expired (defective HIPAA form); MetLife has closed out my work-accident disability 5 times (all ready?). I have let not only Dr. Lippe and Orlin and Cohen aware; I have let MetLife aware (conscious) of MetLife violating ERISA, HIPAA and my rights repeatedly (by phone and internet). If MetLife is doing this to me and the government (by not following directions) MetLife may be doing this to tens of thousands of injured American workers. The government needs to do an ‘accounting of disclosures’ for me and others.

    Post a Reply
    • U.S. Department of Justice,
      Fact: I wrote to HHS 3 Times about MetLife Disability violating HIPAA and ERISA
      Fact: 3 different HHS investigators wrote ‘me back’:
      “HHS does not have jurisdiction over administrators of disability plans;
      EBSA does!”
      Fact: I wrote to NY EBSA 3 Times about MetLife Disability violating HIPAA and ERISA
      Fact: NY EBSA investigator Jacell Moquete said:
      “EBSA does not have jurisdiction over HIPAA violations;
      HHS does!
      Fact: I wrote to NY EBSA Director Kay:
      “create a Joint HHS-EBSA Task Force”
      “close any and all HIPAA-ERISA loopholes”
      Fact: NY EBSA Director Kay never wrote ‘me back’
      U.S. Department of Justice,
      Investigate! HHS + NY EBSA
      so(w!) THAT you can
      Educate! HHS + NY EBSA

      Post a Reply
    • To report any wrong doing by insurance companies, physicians, hospitals, clinics, facilities, etc. seems to be just ignored by the agencies who are responsible to investigate. I can’t help but think this is due to the person or institutions being seen as more credible than the patients or is there some other reason as to why this keeps happening to look into? I spend hours researching and reading how this among so many other health related documentation is causing devastating consequences to patients and their families. The devastating reports from people everywhere are real and continue to inflict millions every day. Our family and our livelihood are facing financial devastation and other damaging lash back from my husbands medical records containing very false and unfounded entries from physician/physicians. I continue to search for justice, and hopefully will find it soon, yes we are scared and of course we are furious this is being allowed.

      Post a Reply
  2. Dear Tim, I see you’ve got a case here that would be more appropriate in the hands of the Office for Civil Rights , or OCR. I would google their website, and report your case to the appropriate authorities. HIPPA rules and timing of forms etc.. need to be reviewed by a privacy officer.

    Post a Reply
  3. U.S. Department of Justice,
    Fact: I signed my first MetLife HIPAA form on 11/16/2009.
    Fact: MetLife’s first HIPAA form was good (valid) for only 18 months.
    Fact: Metlife’s first HIPAA form expired on 5/16/2011.
    Fact: MetLife continued to use that defective HIPAA form until 11/12/2013.
    Fact: I signed my second MetLife HIPAA form on 11/12/2013.
    Fact: MetLife’s second HIPAA form was good (valid) for only 24 months.
    Fact: MetLife’s second HIPAA form expired on 11/12/2015.
    Fact: It’s 2/9/2017!
    Fact: MetLife is using a HIPAA form which expired in 2015 to request my PHI in 2017
    why don’t y’all [DOJ + HHS + EBSA] raid MetLife Disability
    why don’t y’all [DOJ + HHS + EBSA] surprise all administrators of disability plans in 2017
    ‘see’ for yourselves which administrators of disability plans are HIPAAcrits

    Post a Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

Share This

Share This

Share this post with your friends!