Federal Privacy & Security Regulations for HIPAA Covered Products

On January 17, 2013, the U.S. Department of Health & Human Services issued a final rule (“Omnibus Rule”) which changed various aspects of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The Omnibus Rule became effective March 26, 2013. Business Associates needed to comply with its requirements by September 23, 2013.

If you are a producer/agent /broker for any of the carriers represented through Associates of Clifton Park, including asset based products and life insurance, you are a Business Associate of the Entity (Carrier) and Associates of Clifton Park. As Business Associates, all appointed agents must now be in compliance with the HIPAA Security Rule. You must:

  • Ensure confidentiality, integrity and availability of electronic protected health information, created, received, maintained and transmitted.
  • Protect against “reasonably anticipated threats tor hazards” to ‘security or integrity” of this information.

For a copy of US H&HS Summary of the HIPAA Privacy Rule, visit:

https://www.hhs.gov/sites/default/files/ocr/privacy/hipaa/understanding/summary/privacysummary.pdf