HHS Proposal Would Strengthen HIPAA Privacy Rule

By John Wagley

HIPAA currently requires covered entities to track who has accessed protected electronic health information but it does not require sharing such information with patients, according to HHS. Under the proposal, individuals could learn who accessed their information through an “access report.”

The proposal would also provide more detail on “certain disclosures that are most likely to affect a person’s rights or interests,” according to the HHS statement. Individuals would have a right to an accounting of disclosure whether the protected information was stored electronically or in hard-copy format.

The proposal would “provide information of value to individuals while placing a reasonable burden” on covered entities and business associates, according to HHS. HHS will accept comments on the new changes until August 1.

♦ Photo by SeoPresident/Flickr


View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.