Healthcare organizations will spend 32.8 million hours complying with the modified HIPAA Omnibus Rule, according to the Department of Health and Human Services' Office for Civil Rights.
They state that the bulk of that time 30.655 million hours involves the dissemination and acknowledgement of privacy practices at provider offices.
"Much has changed in healthcare since HIPAA was enacted over 15 years ago," HHS Secretary Kathleen Sebelius said inwhen the new HIPAA Omnibus rule was unveiled. "The new rule will help protect patient privacy and safeguard patients' health information in an ever expanding digital age."
HHS/OCR breaks down the anticipated time spent on compliance functions as follows:
- Documentation of security procedures in place: 350,000 hours.
- Business associate need to establish or modify BA agreements with subcontractors:125,000 hours.
- Revising the language in privacy notices:167,000 hours.
It attributes 619,000 hours to "new burdens" associated with the HIPAA omnibus rule. Much of this work will have to be repeated annually.
What is the compliance burden for your practice? How much of the 32.8 million hours do you own?
If you find that your compliance burden is too onerous for you, you can turn to us for help as thousands of healthcare practices have done. You can be completely compliant in an hour or two. Let us show you!