> >

News

NASW News Editorial

Managing Editor
Laetitia Clayton

Senior Editor
Paul R. Pace

Deputy Director and
NASW News Editor-in-Chief
Gail Woods Waller

Advertising Sales

Jim Snyder
(703) 764-5949

Subscriptions

Member Address Changes
(800) 742-4089
membership@naswdc.org

Non-member Subscriptions/ Address Changes
NASW Press Distribution Center
(800) 227-3590
press@naswdc.org

Subscription Price:
Members, $17 (included in annual dues); non-members, $35 per year; single copy, $8.

Year

2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

NASW News

HIPAA Policies Updated

by Paul Pace

NASW has updated its Health Insurance Portability and Accountability Act, or HIPAA, online policies, forms and online training course.

The information can assist social workers who are required to abide by the client privacy policies outlined in the Health Information Technology for Economic and Clinical Health (HITECH) Act, said Sherri Morgan, associate counsel for the NASW Legal Defense Fund.

As a result of the HITECH amendments, HIPAA standards have been tightened and clarified to reflect needed changes and they list specific notification requirements to clients if there is an unauthorized release of their private health records, specifically if the information is not encrypted.

While adherence to HIPAA has been complaint-driven in the past, government enforcement and stiffer penalties for noncompliance are expected to increase this year, Morgan explained. “The Office of Civil Rights for the Department of Health and Human Services is responsible for enforcing these rules,” she said. “However, state attorneys general also have been granted authority for civil enforcement.”

Social workers are encouraged to read the LDF February Legal Issue of the Month: HITECH HIPAA for Social Workers to learn about the latest requirements, Morgan noted.

Another source for information is the Department of Health and Human Services’ Web site Health Information Privacy.

At press time, several new rules for HIPAA-covered entities were expected to have taken effect in February, Morgan said.

Of particular note, health care entities, including clinical social workers, must comply with clients’ requests:

for a copy of their records, including in electronic format;
for their medical records to be forwarded to another entity or individual through electronic means if applicable;
for the provider not to notify their health plan, if they pay for services out of pocket; and
to opt out of any marketing or fundraising program.

Covered entities are also expected to have a HIPAA agreement in place with any third-party business associates, Morgan said. Existing agreements should be updated to reflect the new breach notification requirements and business associates’ expanded HIPAA compliance obligations which are now similar to covered entities’ obligations.

At press time, it was anticipated that HHS will provide updated information about the most effective client privacy safeguards; a report about HIPAA audit and enforcement changes; and an outline of civil and monetary penalties for noncompliance.

To assist social workers in meeting their HIPAA training requirements, NASW will debut an updated HIPAA training course that incorporates the HITECH Act. While there is a fee to take the course, members will receive a discount, Morgan said. The course is also open to nonmembers.

Members will be able to download updated HIPAA policy documents and client template forms.

Social workers are also encouraged to review their state’s health care privacy standards, Morgan said, as many states have existing privacy breach notification laws.

Update

Information on the new (2017) NASW Website: