As they prepare to meet the Sept. 23 compliance deadline for the HIPAA Omnibus Rule, security leaders at healthcare organizations are finding one requirement particularly challenging. The rule requires organizations to accommodate patients’ requests to not disclose to their health insurer information about a product or service that they paid for out of their own pockets. Carrying out this requirement could prove difficult, in large part, because many electronic health record, e-prescribing and other information systems lack features that easily allow segments of data to be flagged or withheld from electronic transmission. For more information please click here HIPAA SELF PAY RULE