HHS Announces New Health Information Privacy Rules | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

HHS Announces New Health Information Privacy Rules

July 9, 2010
by root
| Reprints

Secretary of Health and Human Services Kathleen Sebelius has announced new rules and resources to increase the privacy of health information. Through the Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009, current health information privacy and security rules will now include broader individual rights and stronger protections when third parties handle individually identifiable health information.

The proposed rule announced today would strengthen and expand enforcement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, Security, and Enforcement Rules by:

  • expanding individuals’ rights to access their information and to restrict certain types of disclosures of protected health information to health plans.
  • requiring business associates of HIPAA-covered entities to be under most of the same rules as the covered entities;
  • setting new limitations on the use and disclosure of protected health information for marketing and fundraising; and
  • prohibiting the sale of protected health information without patient authorization.

HHS is also looking more closely at entities that are not covered by HIPAA rules to understand better how they handle personal health information and to determine whether additional privacy and security protections are needed for these entities.

HHS also launched today a privacy website at http://www.hhs.gov/healthprivacy/index.html to help visitors access information about existing HHS privacy efforts and the policies supporting them.

Topics

News

Report: Healthcare Organizations Struggle with Human Error in Securing PHI

In the first nine months of 2017, unintended disclosure accounted for 41 percent of healthcare data breach incidents, according to a report from specialist insurer Beazley.

Three More Providers Receive 2017 HIMSS Davies Awards

Three patient care organizations have received the 2017 global Healthcare Information and Management Systems Society (HIMSS) Enterprise Nicholas E. Davies Award of Excellence for healthcare technology innovations that improve patient outcomes.

Medtronic, American Well Team Up to Integrate Telehealth Capabilities

Medtronic and American Well announced a partnership to offer a telehealth solution focused on the unique needs of the complex, chronic, co-morbid patient population.

Medsphere Merges with RCM Vendor Stockell

Medsphere Systems Corp., developer of the OpenVista electronic health record, is merging with Stockell Healthcare Systems, which offers a suite of revenue cycle management tools.

Report: Insider Threats to Patient Data Remain Unnoticed

Of the reported healthcare data breach incidents that occurred in September, it took an average of 387 days for healthcare organizations to discover a breach had occurred, according to a report from cybersecurity software company Protenus.

Reports: Ex-Pharma Exec Alex Azar Emerges as Trump’s Top Pick for HHS Secretary

President Donald Trump could be on the verge of tapping Alex Azar, a former pharmaceutical industry executive and George W. Bush administration official, as the next HHS Secretary, according to media reports.