TRENDING:

HIPAA Security, Privacy Updates Unveiled

HITECH Act Mandated the Enhancements Howard Anderson (ismg_editor) • July 8, 2010    
HIPAA Security, Privacy Updates Unveiled
Federal regulators have unveiled major proposed revisions to the HIPAA privacy, security and enforcement rules that were due more than four months ago.

The Department of Health and Human Services' Office for Civil Rights has posted the proposed rule, which is required under the Health Information Technology for Economic and Clinical Health Act, also known as the HITECH Act. HITECH mandated that the proposed regulations be issued by Feb. 18.

Major provisions of the proposal include:

  • Extending the applicability of certain of the HIPAA privacy and security rules' requirements to business associates -- companies that provide services to "covered entities," such as hospitals, clinics and insurers, and have access to protected health information;
  • Establishing new limitations on the use and disclosure of protected health information for marketing and fundraising purposes;
  • Prohibiting the sale of protected health information;
  • Expanding individuals' rights to access their health information and to obtain restrictions on certain disclosures of protected health information to health plans;
  • Strengthening and expanding HIPAA's enforcement provisions.

OCR will accept comments on the proposal for 60 days after it's published in the Federal Register on July 14.

Previous
Breach Lessons: Sweat the Small Stuff
Next
The CISO as Role Model

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.



Around the Network

Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Why Health Firms Struggle with Cybersecurity Frameworks
Why Health Firms Struggle with Cybersecurity Frameworks
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.