HIPAA Security, Privacy Updates Unveiled

HITECH Act Mandated the Enhancements
HIPAA Security, Privacy Updates Unveiled
Federal regulators have unveiled major proposed revisions to the HIPAA privacy, security and enforcement rules that were due more than four months ago.

The Department of Health and Human Services' Office for Civil Rights has posted the proposed rule, which is required under the Health Information Technology for Economic and Clinical Health Act, also known as the HITECH Act. HITECH mandated that the proposed regulations be issued by Feb. 18.

Major provisions of the proposal include:

  • Extending the applicability of certain of the HIPAA privacy and security rules' requirements to business associates -- companies that provide services to "covered entities," such as hospitals, clinics and insurers, and have access to protected health information;
  • Establishing new limitations on the use and disclosure of protected health information for marketing and fundraising purposes;
  • Prohibiting the sale of protected health information;
  • Expanding individuals' rights to access their health information and to obtain restrictions on certain disclosures of protected health information to health plans;
  • Strengthening and expanding HIPAA's enforcement provisions.

OCR will accept comments on the proposal for 60 days after it's published in the Federal Register on July 14.


About the Author

Howard Anderson

Howard Anderson

News Editor, ISMG

Anderson is news editor of Information Security Media Group and was founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.