Published on Security Management (http://www.securitymanagement.com)
HHS Proposal Would Strengthen HIPAA Privacy Rule
By John Wagley
Created 06/01/2011 - 13:03



    
Wrap-Up?: 
No
Weight: 
0
Lead Headline?: 
Yes
Date: 
06/01/2011
By Line: 
By John Wagley
Teaser: 
A new proposed rule by The U.S. Department of Health and Human Services (HHS) would give people the right to learn who may have accessed their electronically stored healthcare information.




A new proposed rule [1] by The U.S. Department of Health and Human Services (HHS) would give people the right to learn who may have accessed their electronically stored healthcare information.


The changes would affect the Health Insurance Portability and Accountability (HIPAA) Act Privacy Rule, dividing a section pertaining to disclosure and accountability into two parts. One would set forth an individual’s right to an “accounting of disclosures”; another would pertain to people’s right to learn which employee or outside party may have accessed their information.


The proposal is partly an effort to implement statutory requirements under the Health Information Technology for Economic and Clinical Health “HITECH” ACT, according to HHS. HITECH, passed in 2009 largely to stimulate the use of electronic health records, mandates strengthening electronic record disclosure laws, according to HHS.


The proposal “represents an important step in our continued efforts to promote accountability across the health care system, ensuring that providers properly safeguard private health information,” said Georgina Verdugo, director of HHS’ Office of Civil Rights, in a statement [2]. OCR enforces HIPAA.




HIPAA currently requires covered entities to track who has accessed protected electronic health information but it does not require sharing such information with patients, according to HHS. Under the proposal, individuals could learn who accessed their information through an “access report.”


The proposal would also provide more detail on “certain disclosures that are most likely to affect a person’s rights or interests,” according to the HHS statement. Individuals would have a right to an accounting of disclosure whether the protected information was stored electronically or in hard-copy format.


The proposal would “provide information of value to individuals while placing a reasonable burden” on covered entities and business associates, according to HHS. HHS will accept comments on the new changes until August 1.

 




♦ Photo by SeoPresident/Flickr [3]


Related Resources: 
Thumbnail: 
Comments


    

    




  
Security Management is the award-winning publication of ASIS International, the preeminent international

organization for security professionals, with more than 38,000 members worldwide.


ASIS International, Inc. Worldwide Headquarters, 1625 Prince Street, Alexandria, Virginia 22314-2818 U.S.A.

703.519.6200 | fax 703.519.6299 | www.asisonline.org


ASIS


© 2013 Security Management

This site is protected by copyright and trade mark laws under U.S. and International law.

No part of this work may be reproduced without the written permission of Security Management.








    

    
Source URL: http://www.securitymanagement.com/news/hhs-proposal-would-strengthen-hipaa-privacy-rule-008618

    
Links:
[1] http://www.ofr.gov/OFRUpload/OFRData/2011-13297_PI.pdf

[2] http://www.hhs.gov/news/press/2011pres/05/20110531c.html

[3] http://www.flickr.com/photos/newyorklasik/5561030317/