March 9, 2006

EMPLOYEE BENEFITS E-UPDATE 

HIPAA Privacy and Security Deadlines Approaching

Large Health Plans Must Provide Reminder That HIPAA
Privacy Notice Is Available.

Once every three years, health plans and flexible spending account plans must remind participants that their Notice of Privacy Practices is available and how to obtain it. For plans that first issued their Notices in 2003, the reminder needs to be provided by April 14 of this year (unless the plan has reissued its Notice since 2003 either as part of an annual open enrollment packet or because of a change in privacy practices).

Small Health Plans Must Comply With HIPAA Security By April 20, 2006.

Small health plans (those having under $5,000,000 in receipts during the prior year) must comply with the HIPAA Security Rule by April 20, 2006. (The due date for large plans was April 20, 2005.) While many of the Security procedures will be performed on behalf of the plan by the insurance carrier or third party administrator, plans need to be aware of their specific security obligations in connection with the HIPAA Security Rule.
 
Go here to learn more about these upcoming deadlines and how they may impact your business.

This publication is intended for general information purposes only and does not and is not intended to constitute legal advice.  The reader must consult with legal counsel to determine how laws or decisions discussed herein apply to the reader's specific circumstances.
Copyright (c) 2006 Ice Miller LLP and its licensors. All rights reserved.