APMA submitted comments to the Department of Health and Human Services (HHS) and the Office of Civil Rights (OCR), expressing significant concerns about the proposed changes to existing Health Insurance Portability and Accountability Act (HIPAA) on Thursday, March 6. While APMA recognizes there are increasing cybersecurity threats in health care and a corresponding need to strengthen the protection of electronic-protected health information (ePHI), the burdens that the proposed changes would place on providers would be too great. Instead, APMA urged HHS to (i) reduce compliance burdens with respect to internal and documentation requirements, (ii) provide for greater compliance flexibility where the proposed rule places significant and disproportionate burdens on physician practices (particularly, smaller practices with limited resources), and (iii) work further with stakeholders to develop feasible compliance measures that do not place excessive strains on provider resources.
To read this letter and other APMA comments, visit www.apma.org/CommentLetters. Contact APMA’s Advocacy Department with any questions.