BREAKING: HHS Releases HIPAA Update | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

BREAKING: HHS Releases HIPAA Update

January 17, 2013
by Gabriel Perna
| Reprints

The U.S. Department of Health and Human Services (HHS) has released an update to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), aiming to better protect patient privacy and safeguard patients’ health information in the digital age, according to HHS Secretary Kathleen Sebelius. 

The changes to HIPAA, according to HHS, are a bit consumer-focused. For instance, patients can now ask for a copy of their electronic medical record in an electronic form. Furthermore, HHS is allowing individuals the ability to tell their provider to not share information about their treatment with their health plan. There are also limits on how your health information can be used and disclosed for marketing and fundraising purposes. It also has forbidden the sale of a patients’ health information without their permission.

According to HHS, this HIPAA update will also expand the legislation to include greater focus and requirements of business associates of providers, payers, and other healthcare organizations that receive protected health information (PHI). HHS cites the fact that many of the largest data breaches in the past have been due to third-party mishap. As a result, penalties have been increased for noncompliance based on the level of negligence with a maximum penalty of $1.5 million per violation.

“This final omnibus rule marks the most sweeping changes to the HIPAA Privacy and Security Rules since they were first implemented,” HHS Office for Civil Rights Director Leon Rodriguez said in a statement.   “These changes not only greatly enhance a patient’s privacy rights and protections, but also strengthen the ability of my office to vigorously enforce the HIPAA privacy and security protections, regardless of whether the information is being held by a health plan, a health care provider, or one of their business associates.”

These and other HIPAA changes can be viewed here.

Topics

News

Allscripts Acknowledges Ransomware Attack, Says Impact is “Limited”

Health IT vendor Allscripts has acknowledged that it is investigating a ransomware incident that has impacted a limited number of its applications.

AHRQ to Fund Patient Safety Learning Laboratories

The federal Agency for Healthcare Research Quality plans to spend up to $5 million in fiscal 2018 to support as many as eight patient safety learning laboratories.

RCM Global Software Market to Hit $43.3B by 2022, Report Finds

The global market for healthcare revenue cycle management software is estimated to reach $43.3 billion by the end of 2022, according to a report from Future Market Insights (FMI).

Global Open Source HIT Project Gets $1M Donation From Cryptocurrency Philanthropy

OpenMRS, Inc., an open source medical records platform used in developing countries, has received a $1 million donation from the Pineapple Fund, an $86 million cryptocurrency philanthropy created by an anonymous donor known only as “Pine.”

Media Reports: Massive Data Breach of Norwegian Health Authority Could Impact 3 Million Patients

International media outlets are reporting that a hacker or hacker group breached the systems of Norway’s Health South East EHF, potentially compromising the healthcare data of nearly 3 million patients, or about half of Norway’s population.

Healthcare Groups Call for Improvements to Prior Authorization Process

A collaborative of healthcare organizations, including the American Medical Association, the American Hospital Association, and the Medical Group Management Association, released a joint statement this week calling for improved prior authorization procedures, including automating the process to improve transparency and efficiency.