BREAKING: HHS Releases HIPAA Update | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

BREAKING: HHS Releases HIPAA Update

January 17, 2013
by Gabriel Perna
| Reprints

The U.S. Department of Health and Human Services (HHS) has released an update to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), aiming to better protect patient privacy and safeguard patients’ health information in the digital age, according to HHS Secretary Kathleen Sebelius. 

The changes to HIPAA, according to HHS, are a bit consumer-focused. For instance, patients can now ask for a copy of their electronic medical record in an electronic form. Furthermore, HHS is allowing individuals the ability to tell their provider to not share information about their treatment with their health plan. There are also limits on how your health information can be used and disclosed for marketing and fundraising purposes. It also has forbidden the sale of a patients’ health information without their permission.

According to HHS, this HIPAA update will also expand the legislation to include greater focus and requirements of business associates of providers, payers, and other healthcare organizations that receive protected health information (PHI). HHS cites the fact that many of the largest data breaches in the past have been due to third-party mishap. As a result, penalties have been increased for noncompliance based on the level of negligence with a maximum penalty of $1.5 million per violation.

“This final omnibus rule marks the most sweeping changes to the HIPAA Privacy and Security Rules since they were first implemented,” HHS Office for Civil Rights Director Leon Rodriguez said in a statement.   “These changes not only greatly enhance a patient’s privacy rights and protections, but also strengthen the ability of my office to vigorously enforce the HIPAA privacy and security protections, regardless of whether the information is being held by a health plan, a health care provider, or one of their business associates.”

These and other HIPAA changes can be viewed here.

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

Health Share of Oregon Facing Challenges with Ride to Care Service

Health Share of Oregon’s non-emergency transportation vendor is in danger of losing money if it doesn’t meet its performance targets by the end of June, the coordinated care organization recently stated.

NJ Hospital Association Invests in Opioid Tracking Tool for Hospitals

As opioid overdoses continue to claim more lives, the New Jersey Hospital Association and its Health Research and Educational Trust announced a $1.5 million investment in an emergency department tracking tool for hospitals statewide to better monitor opioid prescriptions.

Sequoia Project Revises National Patient Matching Framework

The nonprofit Sequoia Project, an industry advocate for nationwide interoperability, has released a revised national patient matching framework.

Kaiser, Emory Healthcare Partner on Integrated Care Model in Atlanta

Emory Healthcare, the clinical arm of Emory University, and Kaiser Permanente have announced a partnership in metropolitan Atlanta.

Report: Cyber Attacks on the Rise and Evolving, as Ransomware Declines

Cyberthreats are continuing to increase and shift, and even though ransomware attacks are significantly declining, cyberattacks are on the rise, according to a new report from the global association ISACA.

Hospitals Making Progress in mHealth Strategies, Survey Finds

For the third consecutive year in Spok’s mobile healthcare survey, more than half of respondents reported having a mobile strategy in place.